D.C. Area Hospital Suffers Data Breach, Approximately 34,000 Patients Affected | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

D.C. Area Hospital Suffers Data Breach, Approximately 34,000 Patients Affected

March 28, 2012
by Gabriel Perna
| Reprints

Washington D.C.-based Howard University Hospital has sent a notification to nearly 35,000 of its patients on a potential disclosure of their protected health information (PHI) that occurred in late January when a former contractor’s personal laptop containing patient information was stolen.  The laptop, stolen from the former contractor’s vehicle, was password protected, according to Howard University Hospital. 

The hospital says, thus far, there is no evidence that suggestions the patients’ files have been accessed.  The former contractor downloaded the files to a personal laptop, which Howard University says violates its privacy rules. The data varied in the types of information contained, but included some or all of the following: names, addresses, Social Security numbers, identification numbers, medical record numbers, birthdates, admission dates, diagnosis-related information and discharge dates.

“We regret this incident, and we have already put in new procedures to prevent similar violations in the future,” Larry Warren, the hospital’s CEO, said in a statement. The hospital says it has since strengthened its contractor policies to make clear that data and laptop encryption are required. Additionally, all laptops issued to Howard University Health Sciences personnel will now be encrypted.

The hospital says it has sent letters to 34,503 patients affected by the breach and has recommended patients contact their banks and credit card companies immediately to notify them of the potential disclosure of their Social Security number. In addition, the hospital says it will provide those patients whose Social Security numbers were included in the information on the laptop with identity theft alert coverage for a period of one year.  Howard University Hospital has also suggested patients check with their banks, credit card companies and other financial institutions for any unusual activity on their accounts. 

The contractor, who ceased work for the hospital in December of last year, reported the theft of the laptop to police on Jan. 25. They notified hospital officials of the theft, which launched an investigation and found the former contractor’s laptop contained patient information. The diagnosis-related material primarily consisted of medical codes used by hospitals and other medical institutions and in some cases included written descriptions of a patient's medical procedures or condition.  

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Population Health Tool that Provides City-Level Social Determinants Data Expands to 500 Cities

A data visualization tool that helps city officials understand the health status of their population, called the City Health Dashboard, has now expanded to 500 of the largest cities in the U.S., enabling local leaders to identify and take action around the most pressing health needs in their cities and communities.

Trump will Nominate Acting VA Secretary Wilkie for Permanent Position

Just a day after the Department of Veterans Affairs (VA) and Cerner inked their $10 billion EHR (electronic health record) deal, President Trump said he would be nominating Acting VA Secretary Robert Wilkie for the permanent position.

ONC Names API Server Showdown Stage 2 Winner

The Office of the National Coordinator for Health Information Technology (ONC) has named 1UpHealth as the Stage 2 winner of the “Secure API Server Showdown” challenge.

EHNAC Developing Trusted Exchange Accreditation Program

To align with the Trusted Exchange Framework and Common Agreement, the Electronic Healthcare Network Accreditation Commission, a nonprofit standards development organization and accrediting body, is working with other organizations to establish a new Trusted Exchange Accreditation Program.

Lawmakers Demand New VA CIO, Citing “Malign Neglect” on EHR Project

A group of Democratic federal lawmakers, five senators and six members of Congress, are calling out the U.S. Department of Veterans Affairs (VA) for what they call “malign neglect” in the agency’s efforts to achieve electronic health record (EHR) modernization.

Medical Record Access Proves Costly for Some Patients, GAO Report Finds

Federal law requires healthcare providers to give patients access to their medical records, but according to a new GAO report, some patients believe they’re being charged too much to access their records.