Letters have gone out to patients of Howard University Hospital in Washington, D.C., after their personal information was exposed when a laptop was stolen from the car of a contractor.
How many victims? 34,503 patients who received treatment at the hospital, primarily between December 2010 and October 2011, but some data extended back to 2007.
What type of personal information? Names, addresses, Social Security numbers, identification numbers, medical record numbers, birth dates, admission dates, diagnosis-related information and discharge dates.
What happened? A former contractor's personal laptop containing patient information was stolen from a car in late January. The hospital said in a Tuesday press release that the laptop was password protected, and no evidence exists that the data has been misused.
What was the response? Victims will receive one year of free credit monitoring, and the hospital is encouraging them to contact their banks to inform them about the possible exposure of their Social Security numbers.
From a security perspective, the hospital plans to toughen its contractor policies regarding laptop usage. As well, all laptops distributed to personnel of Howard University Health Sciences will be encrypted.
Quote: “We regret this incident, and we have already put in new procedures to prevent similar violations in the future.” – Larry Warren, CEO, Howard University Hospital
Source: Howard University Hospital, "Howard University Hospital Notifies Patients of Possible Patient Information Disclosure," March 27, 2012