More than a thousand patients of California-based Redwood Memorial Hospital are being notified that their personal information may have been compromised after an unencrypted thumb drive containing the data went missing.
How many victims? 1,039.
What type of personal information? Names, ages, dates of birth, genders, heights, weights, ID and medical record numbers, physician names, operator/technician names, clinical summary of test findings, report ID numbers, facility names and addresses where services were rendered, test indications, and test recording and analysis dates and times.
The hospital has not identified whether Social Security numbers or financial data was stored on the thumb drive.
What happened? A thumb drive containing the data went missing from a hospital office and has yet to be recovered.
What was the response? The hospital is alerting all affected patients by mail. Security policies and procedures are being reviewed and updated, and steps are being taken to ensure such devices are secured.
Details: A hospital employee discovered on Nov. 8 that the unencrypted thumb drive had been missing from the Cardiopulmonary Services Department since Nov. 6. The information on the drive is related to a test performed in the department between 2001 and 2013.
Quote: “We are deeply sorry for this oversight and take it very seriously,” David O'Brien, president of Redwood Memorial Hospital, said in a release. “As soon as we were made aware, we took immediate action to safeguard our patients' information. We remain committed to providing all of our patients with safe, quality care and will work hard to protect the confidentiality of their data.”
Source: times-standard.com, Times-Standard, “Hospital: Thumb drive with patient data missing,” Nov. 19, 2013