Two laptops containing sensitive patient information recently were stolen from California-based hospital system John Muir Health.

How many victims? 5,450.

What type of personal information? Unspecified.

What happened? The laptops, which contained patient information dating back more than three years, were stolen in February from a locked and guarded building at the John Muir Physician Network Perinatal office in Walnut Creek, Calif.

Details: The laptops were password protected and contained data in a format that would not have been readily accessible. There is currently no evidence that the sensitive information has been accessed or used inappropriately.

Quote: “We apologize for any inconvenience or anxiety this incident may cause our patients,” said Hala Helm, John Muir's vice president and chief compliance and privacy officer. “We take this issue very seriously and are committed to protecting the personal and health information of our patients.”

What was the response? After discovering the theft, local police and the U.S. Department of Health and Human Services were notified. An investigation into the incident was carried out by law enforcement, external vendors and internal experts to determine what information was stored on the laptops and whether it could be accessed.

Affected individuals have been notified and offered a one-year free subscription for credit monitoring services.

John Muir has implemented additional security measures, including data encryption software on laptops, to protect patient information.

Source: http://sanfrancisco.bizjournals.com/sanfrancisco/, San Francisco Business Times, “John Muir Health to notify 5,450 patients of data breach,” April 5, 2010.