Unencrypted EMC laptop stolen containing patient data | SC Media
Encryption, Breach, Mobile

Unencrypted EMC laptop stolen containing patient data

August 1, 2012

An unencrypted laptop containing the personal data of roughly 10,000 medical patients in Connecticut was stolen from a hospital vendor employee's home.

How many patients? 9,558.

What type of personal information? Names, Social Security numbers, addresses, birth dates, marital statuses, treatment records, and Medicare and Medicaid numbers.

What happened? The laptop belonged to an employee of Greenplum, a subsidiary of storage vendor EMC. The company was doing work for Hartford Hospital and home and hospice health care provider VNA HealthCare.

What was the response? The employee who lost the device reported the theft to police, and Hartford Hospital and VNA HealthCare are offering victims two years of free credit monitoring.

Details: Hospital officials don't believe any of the data on the laptop has been misused, but the computer's lack of encryption was a violation of EMC policy. (EMC is the owner of RSA, whose product line includes encryption technology).

Source: courant.com, The Hartford Courant, "Computer With Patient Information Stolen," July 30, 2012.

prestitial ad