Hospitals, for quite a while now, have been dealing with data breaches of patient information. But this week, six laptop and tablet computers were stolen from the home hospice offices at Northwestern Memorial Hospital in Chicago and the hospital is not saying how many patients had to be notified that their protected health information was compromised, according to a story at healthdatamanagement.com.
Hospices are where terminally ill patients usually stay until they die.
At risk were “Social Security numbers, name, address, date of birth, diagnosis, acuity of symptoms, medications, treatment notes, advanced directives, and insurance group and policy numbers,” the web site reports. Data breaches, of course, are not new.
In Utah earlier this year, 280,000 Medicaid patients were told their personal information had been breached, while in New York, the medical and personal records of almost 2,000 patients, vendors, contractors and staff were breached when magnetic data tapes were stolen in February.
Breaches cost the US healthcare industry $6.5 billion a year. In just four cases where information went unprotected, 7 million patients’ files were vulnerable.
The hospital was quoted in the story as saying that it does not believe the personal information was a target of the theft, and is offering affected patients credit monitoring services but would not give any details on services what exactly will be offered.
Northwestern in the statement said the devices were undergoing “a software upgrade and standard laptop security controls were suspended during that time,” the story notes. The hospital also said it is taking “decisive measures” to prevent future breaches, including limiting the number of patient records stored on laptop and tablet computers.
Northwestern is not alone. Last week, the Boston Globe reported that Beacon Israel Deaconess Medical Center (BIDMC) sent letters to 3,900 potential victims of a health data breach, resulting from the theft of a physician’s personal laptop that contained patient information, according to EHRIntelligence. The hospital published a press release about the event this past Monday and indicated that no misuse of patient data had been found.
Edited by
Braden Becker
