Cleveland hospital's unencrypted hard drive stolen, thousands affected

Share this article:

More than 7,100 patients who received care at University Hospitals of Cleveland are being notified that an unencrypted hard drive containing their data has been stolen.

How many victims? 7,170.

What type of personal information? Names, addresses, dates of birth, medical record numbers, insurance provider information and health information about specific patient treatment. Social Security numbers were compromised for 33 patients.

What happened? A thief stole the hard drive from the car of a third-party vendor working on upgrading the hospital's computer systems.

What was the response? University Hospitals has contacted law enforcement and opened an investigation into the theft. All patients are being notified by mail and the 33 who had their Social Security numbers exposed are being offered one free year of credit monitoring and identity theft protection services. The hospital is tightening its policies on use of technology by mandating that no devices be used unless encryption protection is active.

Details: University Hospitals was notified of the theft on Aug. 8.  

Quote: “There's no evidence that would lead us to believe that the thief knew what was on the hard drive or could even get into it,” Janice Guhl, a hospital spokeswoman, said. “We're trying to be very transparent because we want to make sure people are doing everything they can to protect themselves.”

Source: 19actionnews.com, 19 Action News, “University Hospitals possible security breach,” Nov. 4, 2013; cleveland.com, “UH notifies 7,100 patients of stolen hard drive with personal medical information,” Nov. 4, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

POLL

More in The Data Breach Blog

Backup hard drive stolen from law firm contained personal info

Social security numbers were among the information on a backup hard drive that was stolen from an employee of Imhoff and Associates, PC.

POS malware infections at two OTTO pizzeria locations in Maine

About 900 customers at two OTTO pizzeria locations in Portland, Maine, had payment card data compromised after POS malware was discovered on terminals.

Los Angeles-based health system breached; more than 500 patients affected

Personal information on more than 500 Cedars-Sinai Health System patients was compromised after a laptop was stolen from an employee's home.