Burglary compromises info of thousands at Calif. medical center

Share this article:

More than 3,500 patients of University of California San Francisco Medical Center (UCSF) may have had data compromised after a hospital laptop was stolen from an employee's vehicle.

How many victims? 3,541.

What type of personal information? Names and medical record numbers were among the personal and medical information contained on the unencrypted laptop. Social Security numbers were also involved for a small number of individuals.

What happened? The laptop was stolen from the locked car of a hospital employee who works in the Division of Transplantation. 

What was the response? Upon learning of the break-in, the employee immediately notified San Francisco police, UCSF police and UCSF officials. The California Department of Public Health and the attorney general of California were alerted, as well as federal authorities. UCSF began an extensive technical analysis to determine what information was on the laptop. Letters are being sent home to affected individuals, and some are being offered free credit monitoring services. UCSF is strengthening educational and operational processes to prevent similar incidents from occurring.

Details: The UCSF employee alerted officials of the incident on Sept. 10, one day after the break-in occurred.

Quote: “The security of protected health information at UCSF is of utmost importance,” according to a release posted to the UCSF website. “While there is no evidence at this time that there has been any attempted access or attempted use of the information involved, UCSF is responding with the highest level of caution and concern.”

Source: ucsfhealth.org, “Laptop Computer Theft at UCSF,” Oct. 2, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.