Establishing Digital Trust: Don't Sacrifice Security for Convenience
Officials at Aurora St. Luke's Medical Center in Milwaukee this week said they are in the process of notifying more than 6,400 patients that their names, Social Security numbers, and other personal information may have been exposed after a laptop computer was stolen.
A St. Luke's spokesman said the laptop was snagged from a locked office in a "secure physician office" located adjacent to the hospital. The affected patients were cared for at some point in the past year at an independent physician group called Cogent Healthcare of Wisconsin.
On Wednesday, Cogent began mailing out the bad news announcements to the 6,400-plus patients, warning that their names, Social Security numbers, date of birth, diagnosis codes, and medical record numbers--not the actual medical records themselves--were housed on the purloined laptop.
"There is absolutely no danger that Aurora medical records of these patients would be or could be in jeopardy through this theft," the spokesman said in a statement.
Aurora St. Luke's and Cogent Healthcare are just the latest healthcare providers to be victimized by a stolen or missing laptop.
In late October, Halifax Health in Daytona Beach, Fla. warned that more than 33,000 patient records were exposed after a laptop was stolen from employee's vehicle in August.
In that instance, some of the data was thought to be password-protected while other data may not have been.
Wisconsin and Florida are two of 43 states that require companies and organizations to notify people when their personal or financial information is accidentally or deliberately compromised.
Aurora St. Luke's officials say so far there's no evidence that any of the affected patients' data has been used for nefarious purposes. Cogent Healthcare is offering free credit monitoring services for anyone who may have been impacted by the data breach.
Hospital officials added that the laptop was stolen in mid-October, but it took computer analysts until this week to identify most of the patients whose records were at risk.
Larry Barrett is a senior editor at InternetNews.com. Based in Las Vegas, Larry covers IT management, enterprise software, services and security.