The University of California San Francisco (UCSF) Medical Center recently began notifying 9,986 people that their personal and health information may have been exposed when unencrypted desktop computers were stolen from the UCSF Family Medicine Center at Lakeshore on or about January 11, 2014.
On March 6, 2014, UCSF concluded its investigation to determine what data was stored on the stolen computers — they held personal and health information including names, birthdates, mailing addresses, medical record numbers, health insurance ID numbers, driver’s license numbers, and in 125 cases, Social Security numbers.
UCSF is offering one free year of ID Experts FraudStop Credit and CyberScan monitoring and recovering services to the 125 people whose Social Security numbers were exposed.
“The University of California is committed to maintaining the privacy of personal information and has taken additional steps to secure that information, including strengthening our educational and operational processes for information security,” UCSF Medical Center executive director for ambulatory services David Morgan wrote in the notification letter [PDF].
On September 9, 2013, an unencrypted laptop containing 3,451 patients’ personal and health information was stolen from a UCSF Medical Center employee’s car, and later the same month, a laptop containing 8,294 patients’ personal and health information was stolen from a UCSF physician’s locked vehicle.