Unencrypted medical laptop goes missing, compromising patients

Share this article:

Information may have been compromised for patients of UT Physicians – the medical practice at University of Texas Health Science Center at Houston (UTHealth) – after an unencrypted laptop containing the data was reported missing.

How many victims? 596 patients had information stored on the laptop.

What type of personal information? Names, birth dates and medical record numbers, as well as hand and arm image data.

What happened? An unencrypted laptop containing patient data was discovered to be missing from a locked closet in the UT Physicians orthopedic clinic.  

What was the response? UT Physicians notified the police and commenced a search for the laptop, which remains missing. The Texas medical practice sent letters to affected patients, alerting them of the incident. UTHealth is checking the more than 5,000 laptops in use to ensure the machines are encrypted and are also tightening procedures for the purchase of medical equipment. Additional review and inventory processes have been established and the medical group has invested in hardware, software and personnel to ensure a similar incident does not occur again. An investigation is ongoing.

Details: The unencrypted laptop – a specialized computer attached to an electromyography machine – was reported missing from a locked closet in the UT Physicians orthopedic clinic on Aug. 2. The laptop had previously been used on July 19. UT Physicians began sending out letters to affected patients on Aug. 28. The laptop remains missing.

Quote: “UT Physicians is committed to patient privacy and deeply regrets that this incident occurred,” according to a post on the UT Physicians website. “Encryption of all laptops has been the policy at UT Physicians and UTHealth for the last two years. To date, all known laptops – more than 5,000 – have been encrypted. The medical group and UTHealth have taken steps to ensure that the missing laptop in the orthopedic clinic is an isolated incident.”

Source: utphysicians.com, “UTHealth informs patients of incident related to patient information,” Aug. 28, 2013.

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan

About 1,700 people in the Dominion Resources employee wellness program have been notified that their data was accessed in a breach.

Document posted to California city website, employee data accessed

In California, a document posted to the City of Encinitas website contained data on hundreds of current and former city staffers.