April 07, 2011

Connecticut hospital loses more than 90,000 patient records

MidState Medical Center, located in Meriden, Conn., has reported missing a hard drive containing the personal information of tens of thousands of hospital patients.

How many victims? 93,500.  

What type of personal information? Names, addresses, dates of birth, Social Security numbers and medical record numbers.

What happened? An employee of MidState's sister facility, Hartford Hospital, violated company policy by transferring patients' sensitive data to a personal hard drive to work from home.

Details: The drive was discovered missing on Feb. 15 and the employee has since been dismissed. The hospital does not believe that any information on patient diagnosis or treatment was compromised.There is currently no evidence that the information has been misused.

What was the response? After discovering the breach, the hospital launched an investigation and reported the incident to law enforcement. Affected individuals are being notified and offered two years of identity protection services. In addition, MidState Medical Center and other affiliated facilities are reviewing their policies and taking unspecified steps to prevent a recurrence.

Sources: MidState Medical Center, “Important Notice to Patients Regarding Misplaced Personal Information,” April 5, 2011.

The Hartford Courant, “Hospital Records Breach Involves 93,500 Patients,” April 5, 2011.

Previous Post
Next Post
Related Articles
Related Topics
Related Links
close

Next Article in The Data Breach Blog

Advertisement

How to Prevent Insider Threats!

POLL

More in The Data Breach Blog

Hackers raid Washington state court system to steal 160,000 SSNs, 1M driver's license numbers

Hackers raid Washington state court system to steal ...

After the public website of the Washington state Administrative Office of the Courts was compromised in February, an investigation revealed the severity of the breach in April.

Personal California birth records found in "unsecure" location

The California Department of Public Health announced that the data included names, addresses, Social Security numbers, and medical information.

Investment regulator loses portable device containing personal data

Although the specifics of the lost information is unknown, the Investment Industry Regulatory Organization of Canada has announced that 52,000 clients of 32 brokerage firms have been affected.