Risk Assessments/Management, Data Security, Encryption, Breach, Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Unencrypted EMC laptop stolen containing patient data

An unencrypted laptop containing the personal data of roughly 10,000 medical patients in Connecticut was stolen from a hospital vendor employee's home.

How many patients? 9,558.

What type of personal information? Names, Social Security numbers, addresses, birth dates, marital statuses, treatment records, and Medicare and Medicaid numbers.

What happened? The laptop belonged to an employee of Greenplum, a subsidiary of storage vendor EMC. The company was doing work for Hartford Hospital and home and hospice health care provider VNA HealthCare.

What was the response? The employee who lost the device reported the theft to police, and Hartford Hospital and VNA HealthCare are offering victims two years of free credit monitoring.

Details: Hospital officials don't believe any of the data on the laptop has been misused, but the computer's lack of encryption was a violation of EMC policy. (EMC is the owner of RSA, whose product line includes encryption technology).

Source: courant.com, The Hartford Courant, "Computer With Patient Information Stolen," July 30, 2012.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.