Unencrypted medical laptop goes missing, compromising patients

Share this article:

Information may have been compromised for patients of UT Physicians – the medical practice at University of Texas Health Science Center at Houston (UTHealth) – after an unencrypted laptop containing the data was reported missing.

How many victims? 596 patients had information stored on the laptop.

What type of personal information? Names, birth dates and medical record numbers, as well as hand and arm image data.

What happened? An unencrypted laptop containing patient data was discovered to be missing from a locked closet in the UT Physicians orthopedic clinic.  

What was the response? UT Physicians notified the police and commenced a search for the laptop, which remains missing. The Texas medical practice sent letters to affected patients, alerting them of the incident. UTHealth is checking the more than 5,000 laptops in use to ensure the machines are encrypted and are also tightening procedures for the purchase of medical equipment. Additional review and inventory processes have been established and the medical group has invested in hardware, software and personnel to ensure a similar incident does not occur again. An investigation is ongoing.

Details: The unencrypted laptop – a specialized computer attached to an electromyography machine – was reported missing from a locked closet in the UT Physicians orthopedic clinic on Aug. 2. The laptop had previously been used on July 19. UT Physicians began sending out letters to affected patients on Aug. 28. The laptop remains missing.

Quote: “UT Physicians is committed to patient privacy and deeply regrets that this incident occurred,” according to a post on the UT Physicians website. “Encryption of all laptops has been the policy at UT Physicians and UTHealth for the last two years. To date, all known laptops – more than 5,000 – have been encrypted. The medical group and UTHealth have taken steps to ensure that the missing laptop in the orthopedic clinic is an isolated incident.”

Source: utphysicians.com, “UTHealth informs patients of incident related to patient information,” Aug. 28, 2013.

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Second burglary breach within a month for Coordinated Health

More than 700 Pennsylvania patients have been impacted after Coordinated Health experienced its second burglary-related data breach within a month.

Fate of unencrypted drive unknown, PHI of 5,500 in Virginia at risk

A Virginia-based chiropractic center is not quite sure what happened to an unencrypted thumb drive, which contained personal information - including Social Security numbers - on more than 5,500 patients.

Iowa State server breach exposes SSNs of nearly 30,000

The breach impacts Iowa State students where were enrolled at the university between 1995 and 2012.