Ultrasound theft results in data breach at health care company Kaiser Permanente
Kaiser Permanente reported a data breach that exposed about 1,100 patient records, after two employees allegedly stole ultrasound machines containing personal data.
Health care consortium Kaiser Permanente's Northern California division has publicly disclosed a data breach after two of its employees allegedly stole an unspecified number of ultrasound machines containing protected health information. As of July 11, 2016, approximately 1,100 patients are known to be affected.
According to a breach notification the company posted online yesterday, Kaiser Permanente (KP) discovered the theft on June 10, and subsequently recovered most of the equipment. An investigation found some of the ultrasound machines contained such information as medical record numbers, names and images. No financial information was stored on the devices, and “There is no sign that health information has been used for fraud or other criminal activity,” stated Angela Anderson, Regional Privacy & Security Officer, Kaiser Permanente Northern California, in the online notification.
The alleged thieves intended to sell the machines for profit, not the data within them, KP reported. An investigation is ongoing.