Modernizing Authentication — What It Takes to Transform Secure Access
The Washington State Department of Social and Health Services (DSHS) recently announced that a private contractor's laptop containing the confidential and personal health information of 652 DSHS clients was found to have been stolen on February 4, 2013 (h/t PHIprivacy.net).
The laptop, which belonged to Dr. Sunil Kakar, was recovered in a pawn shop 10 days later. Password protection apparently remained in place, and there was no evidence that the files on the laptop had been accessed.
The clients whose information was on the laptop were receiving services from the DSHS' Economic Services Administration. The information included client names, identification numbers, psychological evaluations, birthdates, the last four digits of Social Security numbers, dates of service, and mailing addresses.
"While there is no information to show that the stolen data has been accessed or used for identity theft, I am erring on the side of caution and notifying every person who might be affected," Kakar wrote in a letter sent to the 652 people affected. "I am extremely sorry for this situation and understand it may cause concern, embarrassment and inconvenience. I try very hard to earn your trust, and that includes protecting sensitive information about you. I take client confidentiality very seriously."