Breach, Compliance Management, Data Security, Privacy

Ultrasound theft results in data breach at health care company Kaiser Permanente


Health care consortium Kaiser Permanente's Northern California division has publicly disclosed a data breach after two of its employees allegedly stole an unspecified number of ultrasound machines containing protected health information. As of July 11, 2016, approximately 1,100 patients are known to be affected.

According to a breach notification the company posted online yesterday, Kaiser Permanente (KP) discovered the theft on June 10, and subsequently recovered most of the equipment. An investigation found some of the ultrasound machines contained such information as medical record numbers, names and images. No financial information was stored on the devices, and “There is no sign that health information has been used for fraud or other criminal activity,” stated Angela Anderson, Regional Privacy & Security Officer, Kaiser Permanente Northern California, in the online notification.

The alleged thieves intended to sell the machines for profit, not the data within them, KP reported. An investigation is ongoing.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.