Connecticut hospital loses more than 90,000 patient records

Share this article:

MidState Medical Center, located in Meriden, Conn., has reported missing a hard drive containing the personal information of tens of thousands of hospital patients.

How many victims? 93,500.  

What type of personal information? Names, addresses, dates of birth, Social Security numbers and medical record numbers.

What happened? An employee of MidState's sister facility, Hartford Hospital, violated company policy by transferring patients' sensitive data to a personal hard drive to work from home.

Details: The drive was discovered missing on Feb. 15 and the employee has since been dismissed. The hospital does not believe that any information on patient diagnosis or treatment was compromised.There is currently no evidence that the information has been misused.

What was the response? After discovering the breach, the hospital launched an investigation and reported the incident to law enforcement. Affected individuals are being notified and offered two years of identity protection services. In addition, MidState Medical Center and other affiliated facilities are reviewing their policies and taking unspecified steps to prevent a recurrence.

Sources: MidState Medical Center, “Important Notice to Patients Regarding Misplaced Personal Information,” April 5, 2011.

The Hartford Courant, “Hospital Records Breach Involves 93,500 Patients,” April 5, 2011.

Share this article:
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Programming error results in CVS Caremark mailing blunder

About 350 CVS Caremark customers are being notified that a programming error resulted in mailers containing their personal information being sent to the wrong customers.

Seattle University donor checks possibly exposed due to settings error

Seattle University is notifying an undisclosed number of donors that anyone with a Seattle University computer account could have viewed scanned checks.

Laptop stolen from Self Regional Healthcare contained patient data

As least 500 patients of Self Regional Healthcare have been notified that their personal information was on a laptop stolen from a Self Regional facility.