The University of California at San Francisco (UCSF) recently had a data breach that affected 8,294 individuals, thanks to the heft of a physician’s unencrypted personal laptop computer, which contained personal and health information.
According to UCSF, the laptop was stolen from the locked vehicle of physician. Because UCSF could not verify that the laptop was encrypted, the organization began a technical analysis to identify what information was on the laptop. What they discovered is that laptop contained some personal and health information of individuals, including dates of birth, medical record numbers and social security numbers.
In addition, paper documents for four patients were also stolen. The documents contained some personal and health information, including health insurance subscriber numbers. According to UCSF, the use of an unencrypted laptop for business purposes is against its policy and practice.
UCSF has sent notification letters to the 8,294 patients and is offering credit monitoring assistance.