Patients compromised again, second UCSF laptop theft within two months

Share this article:

More than 8,000 patients of University of California, San Francisco (UCSF) are receiving notification letters after a possibly unencrypted laptop that contained the personal information was stolen from a physician's vehicle. A similar UCSF incident occurred in October.

How many victims? 8,294. 

What type of personal information? Names, dates of birth, medical record numbers and Social Security numbers.

What happened? A physician's personal laptop – which contained the personal data and was possibly unencrypted – was stolen from the physician's vehicle.

What was the response? San Francisco law enforcement, the California Department of Public Health and the California Attorney General have been alerted, as well as federal authorities. UCSF is notifying all affected patients by mail and those who had Social Security numbers compromised are being offered credit monitoring services.

Details: Officials learned that the physician, who is based in the Division of Gastroenterology at the UCSF School of Medicine, had a possibly unencrypted personal laptop stolen from their vehicle on Sept. 25. The use of an unencrypted laptop for business purposes is against UCSF policy.

Quote: “UCSF is committed to maintaining the privacy of personal information and has taken additional steps to secure that information, including strengthening educational and operational processes for information security,” according to a UCSF release.

Source: ucsf.edu, “Laptop Computer Theft at UCSF,” Nov. 21, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.