Roughly 5,000 patients of California-based Palomar Health are being notified that their personal information may be at risk after an encrypted laptop and two unencrypted flash drives were stolen from an employee's vehicle.

How many victims? About 5,000. 

What type of personal information? Names, dates of birth, diagnoses, treatments, insurance information, and, in some cases, Medicare identification numbers.

What happened? An encrypted laptop and two unencrypted flash drives containing the patient information were stolen from a Palomar Health employee vehicle.

What was the response? An outside firm was hired to determine what information was on the devices. Palomar is working with employees to prevent a similar incident from occurring, and is looking into additional security measures. Palomar is notifying all impacted patients.

Details: The encrypted laptop and unencrypted flash drives – which the employee took home to do work – were stolen late on Feb. 21 or early on Feb. 22. The investigation concluded on March 24 and notification letters began going out on Friday. Palomar has no indication the data has been misused.

Quote: “Palomar Health takes this matter very seriously and is committed to protecting patient privacy, and we deeply regret any inconvenience this may have caused our patients,” Kim Jackson, privacy officer for Palomar Health, said. 

Source:, “Data stolen from 5,000 Palomar Health patients,” March 28, 2014.