The State Journal-Register reports that a laptop containing the personal and medical information of 1,891 Southern Illinois University HealthCare (SIU HealthCare) patients was stolen in September or October of 2013 from the office of former SIU orthopedic surgeon Dr. Mark McAndrew at Memorial Medical Center (h/t PHIprivacy.net).
The breach was discovered on October 15, 2013, during a check of materials in McAndrew's former office. McAndrew had resigned in mid-September to join the U.S. Army's trauma training center in Florida, and the office had remained locked since then.
Data on the laptop included patients' names, birthdates, ages, admission dates, medical record numbers, diagnoses, procedural codes, and some information regarding the treatments they received.
While there's no indication at this point that the data was accessed, all those affected are being notified of the breach.
"SIU Healthcare understands the critical importance of personal information privacy and doctor/patient confidentiality, and we sincerely apologize that this privacy incident occured," SIU HealthCare chief executive officer Dr. Jerry Kruse said, noting that the physician group is reviewing its security and privacy policies in response to the incident.