An unencrypted personal laptop computer containing the personal health information of 3,541 patients was stolen from a car of a University of California San Francisco (UCSF) Medical Center employee last month.
Upon discovering the theft on Sept. 10, the employee promptly alerted San Francisco police, UCSF police and UCSF officials. UCSF then began a technical analysis to determine what information was on the laptop. The analysis revealed that the laptop housed files containing personal and health information for some UCSF patients, including their name and medical record number. Social Security numbers were also involved for a small number of individuals.
Also stolen were paper documents for 31 patients, some of whose information was also on the laptop. Information in the paper documents included patient names, date of birth, medical record number and some health information.
UCSF officials have said there is no evidence at this time that there has been any attempted access or attempted use of the information involved.
Affected individuals are being alerted, and a special phone line has been set up by UCSF to provide additional assistance to those individuals.
Officials from Carequality have stated that there are now more than 150,000 clinicians across 11,000 clinics and 500 hospitals live on its network. These participants are also able to share health data records with one another, regardless of technology vendor.
While stolen financial data still has a higher market value than stolen medical records, as financial data can be monetized faster, there are indications that there is ongoing development of a market for stolen medical data, according to an Intel Security McAfee Labs report.
A phishing scam at Baystate Health in Springfield, Mass. has potentially exposed the personal data of 13,000 patients, according to a privacy statement from the patient care organization and a report from MassLive.
In an update, DirectTrust reported significant growth in Direct exchange of health information and the number of trusted Direct addressed enabled to share personal health information (PHI) in the third quarter of 2016.
Eleven private insurers, including Aetna, Humana and Anthem, are urging the Congressional Budget Office (CBO) to consider the experience of commercial insurers when evaluating the impact of telemedicine coverage in Medicare.