A recent security breach at medication management vendor Omnicell, which exposed the personal information of 4,000 patients of the University of Michigan Health System, also impacted several thousand patients of both South Jersey Healthcare and Sentara Healthcare.
“Norfolk, Va.-based Sentara said Omnicell had disclosed that a device was stolen from an Omnicell employee’s car on Nov. 14,” writes Modern Healthcare’s Joseph Conn. “‘In our area, there were about 56,000 patient records that were affected,’ said Cheri Hinshelwood, a Sentara communications adviser. … Greg Potter, assistant vice president of marketing and public relations at South Jersey Healthcare in Vineland, N.J., said the breach affected 8,555 of its patients.”
“Investigation shows the files on the device could have contained information including patient name, birth date, patient number and medical record number. … The device was password protected, however the information contained was not encrypted,” South Jersey Times reports.
“The files on the laptop, which was actually stolen on Nov. 14, 2012, had been collected from Omnicell’s medication dispensing cabinets over one to three weeks, company spokesman Todd Sims wrote in an email,” writes The Suffolk News-Herald’s Matthew Ward. “The engineer, whose vehicle was parked at his home in California at the time of the theft, had downloaded the information ‘while validating pre-release software for the hospital.'”