Thieves stole a laptop containing the personal information of several thousand patients of Indiana University (IU) Health Arnett Hospital. This marks the second breach in more than a year for the university’s health system.
How many victims? 10,300.
What type of personal information? Patient names, birth dates, physician names, medical record numbers, diagnoses and dates of service.
What happened? On April 9, burglars stole the unencrypted, but password-protected, laptop from a hospital employee’s car.
What was the response? Lafayette, Ind.-based IU Health Arnett only began notifying victims on Friday. The hospital has set up a toll-free number to answer questions.
Details: In February 2012, IU Goshen Hospital disclosed a breach in which more than 12,000 job applicants and fewer than 500 patients may have had their personal information exposed when malware was discovered on a hospital server.
Quote: “Arnett is committed to maintaining the privacy and security of the patient information provided to us, and we worked hard to notify our patients as soon as possible,” said Kasey Fuqua, a spokeswoman for IU Health Arnett, in a statement. “As soon as we learned of the theft on April 10, we immediately began a thorough internal investigation to determine which of our patients were affected and what information was included.”
Source: www.jconline.com, Lafayette Journal and Courier, “IU Health Arnett laptop stolen,” May 10, 2013.