Connecticut hospital loses more than 90,000 patient records

Share this article:

MidState Medical Center, located in Meriden, Conn., has reported missing a hard drive containing the personal information of tens of thousands of hospital patients.

How many victims? 93,500.  

What type of personal information? Names, addresses, dates of birth, Social Security numbers and medical record numbers.

What happened? An employee of MidState's sister facility, Hartford Hospital, violated company policy by transferring patients' sensitive data to a personal hard drive to work from home.

Details: The drive was discovered missing on Feb. 15 and the employee has since been dismissed. The hospital does not believe that any information on patient diagnosis or treatment was compromised.There is currently no evidence that the information has been misused.

What was the response? After discovering the breach, the hospital launched an investigation and reported the incident to law enforcement. Affected individuals are being notified and offered two years of identity protection services. In addition, MidState Medical Center and other affiliated facilities are reviewing their policies and taking unspecified steps to prevent a recurrence.

Sources: MidState Medical Center, “Important Notice to Patients Regarding Misplaced Personal Information,” April 5, 2011.

The Hartford Courant, “Hospital Records Breach Involves 93,500 Patients,” April 5, 2011.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.