University of Kentucky HealthCare (UK HealthCare) recently began notifying 1,079 patients that their protected health information (PHI) may have been exposed when a third-party vendor's password-protected laptop was stolen on February 4, 2014 (h/t PHIprivacy.net).

The laptop belonged to an employee of Talyst, which provides pharmacy billing management services to UK HealthCare.

The laptop contained PHI that may have included the 1,079 patients' names, birthdates, medical record numbers, diagnoses, medications, lab results, progress notes, allergies, heights and weights, dates of services, physician names, and clinics. In some cases, insurance carrier names and insurance identification numbers may also have been exposed.


All those affected are being advised to review their credit reports and health insurance benefits statements for suspicious activity.

Patients with questions are advised to contact (877) 528-3970 or privacy@kyu.edu.

Photo courtesy of Shutterstock.