Two employees fired after hospital computer containing PHI is dumped

Share this article:

Two employees at Georgia-based Phoebe Putney Memorial Hospital have been fired after a desktop computer containing information on nearly 6,800 individuals was mistakenly thrown away.

How many victims? 6,777. 

What type of personal information? Names, addresses and medical diagnosis information. Social Security numbers were recorded for 13 people. 

What happened? An employee boxed up her computer while rearranging her office and left the box outside in a locked hallway. A custodian, thinking the box was garbage, threw the box into a dumpster and the following morning the box was gone.

What was the response? Two employees were fired. All impacted individuals are being notified by mail, and are being offered credit monitoring services. Employees are being retrained to ensure a similar incident does not occur.

Details: A police report was filed on Nov. 7. One employee was fired for breaking policy by saving information to the computer's hard drive. The second employee was fired for allowing someone other than an information services staffer to move the computer. There has been no evidence, so far, that the computer was turned on or the information on it was stolen.

Quote: “At this point we do not have any additional information that gives us any sense that the computer will be retrieved,” Audrey Pike, chief compliance and privacy officer, said. “But again we do not have any reason to believe that it has been accessed in any way.”

Source: walb.com, “Two Phoebe employees fired over missing computer,” Jan. 10, 2014.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.