Indiana University Health Arnett Hospital reported the loss of an unencrypted USB drives containing information on 29,000 emergency room patients.
How many victims? 29,324
What type of information? The hospital said the information on the drive included spreadsheets containing patient names, birth dates, home telephone numbers, medical record numbers, physician names, diagnoses and dates of service. Social Security numbers and credit card information were not on the drive.
What happened? On November 20, 2015 the hospital noticed the USB drive had “disappeared” from the facilities emergency department. The content contained dated from Nov. 1, 2015.
What was the response? Arnett Hospital started notifying those affected on Jan. 7 and has set up a call center to handle patient inquiries.
Details? The unencrypted flash drive contained spreadsheets with the patient data. The hospital has not received any complaints from those impacted that their data was being used for nefarious purposes and noted the drive was kept in an area not accessible to the public.
Quote? "Patient medical record information is kept on a secure server. This is not the standard method of storing patient data. Officials cannot be certain an incident will never occur, however, they are taking steps to minimize the chance of such an incident occurring in the future."
Source: Lafayette Journal-Courier