Retinal Consultants Medical Group Admits Security Breach
A laptop containing patients' names, birthdates, genders, races and OCT images was stolen from the medical group's offices in early June.
California's Retinal Consultants Medical Group recently began notifying patients that a laptop computer, a component of a diagnostic imaging machine, was stolen from the medical group's offices on June 5 or 6, 2013 (h/t PHIprivacy.net).
The laptop contained patients' names, birthdates, genders, races and optical coherence tomography (OCT) images. The medical group says no Social Security numbers, driver's license numbers or addresses were stored on the laptop.
"In an attempt to prevent further breaches of PHI, we are increasing the physical security of imaging and other equipment stored at our offices, increasing the interior and exterior security of our offices, and requiring additional information when confirming a patient's identity on the phone," Retinal Consultants Medical Group privacy official Chris Mentink wrote in the notification letter [PDF].
"We are also in the process of determining how we can further secure laptop data and strengthening other aspects of our internal HIPAA security program," Mentink added.