Northwestern Memorial Hospital’s Home Hospice offices were burglarized and six laptop and tablet computer devices were stolen, the Chicago-based hospital reported. According to Northwestern Memorial, it is doing an “internal investigation” to determine if any health information was compromised.
Information that may have been on the devices include patients’ personal demographics, including full name, address, date of birth and social security number; the patient’s medical treatment profile related to home hospice or former home health services, including diagnosis, acuity of symptoms, medications, treatment notes and advanced directives; and payor information, including the patient’s health insurance group, and policy numbers. The devices, according to Northwestern, were undergoing a software upgrade and standard laptop security controls were suspended, thus they personal health information was accessible.
Northwestern says it has sent letters to impacted patients or their families notifying them of the breach. It will provide victims a credit bureau monitoring service to catch irregularities that may signal identity theft. It does not believe the personal information was targeted.
This is just the latest in a string of health data breaches that have reportedly occurred across the country, in Boston, Houston, and elsewhere. Recently, the Obama administration has announced the launch of a public-private partnership aimed at fighting fraud in healthcare.
U.S. Senators Joni Ernst (R-IA) and Mazie Hirono (D-HI), both members of the Senate Armed Services Committee, reintroduced this week the Veterans E-Health and Telemedicine Support Act of 2017 (VETS Act), bipartisan legislation that aims to expand telehealth services provided by the Department of Veterans Affairs (VA).
The number of reported breach incidents in healthcare grew by 22 percent in 2016 from 269 breach incidents in 2015 to 328 last year, according to Symantec’s 2017 Internet Security Threat Report (ISTR).
The Sequoia Project is celebrating its fifth anniversary this month by announcing that its various interoperability initiatives have grown by health organization participants, by geographic reach, and by the sheer number of health records exchanged electronically.
Seventy-two percent of employee say they would share sensitive, confidential or regulated company information under certain circumstances and 68 percent of healthcare employees report that they share confidential or regulated data on occasion, according to the Dell End-User Security Survey.