Sutter Health Announces Data Breach | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Sutter Health Announces Data Breach

November 16, 2011
by root
| Reprints

Sutter Physicians Services (SPS) and Sutter Medical Foundation (SMF) — two affiliates within the Sacramento, Calif.-based Sutter Health network of care — announced the theft of a company-issued password-protected unencrypted desktop computer from SMF’s administrative offices in Sacramento the weekend of Oct. 15, 2011. Following discovery of the theft, Sutter Health immediately reported it to the Sacramento Police Department and began an internal investigation.

Sutter says the computer did not contain patient financial records, social security numbers, patients’ health plan identification numbers or medical records. While no medical records themselves were on the computer, some medical information was included for a portion of patients.

According to Sutter, the stolen computer held a database that included two types of information:

1. For approximately 3.3 million patients whose health care provider is supported by Sutter Physician Services (SPS), the database included only the following patient demographic information dated from 1995 to January 2011: name, address, date of birth, phone number and email address (if provided), medical record number and the name of the patient’s health insurance plan. SPS is an organization that provides billing and managed care services for health care providers with which it contracts, including facilities within the Sutter Health network.

2. For approximately 943,000 SMF patients, the database contained the above demographic data as well as the following information dated from January 2005 to January 2011: dates of services and a description of medical diagnoses and/or procedures used for business operations. Because the data of SMF patients was broader in scope, Sutter Medical Foundation has begun the process to notify these patients by mail and said it should come no latter than Dec. 5.

Topics

News

Cerner Files Protest over $62M EHR Contract Awarded to Epic

Cerner Corp. has filed a protest against rival EHR vendor Epic Systems following an “unfair bidding process and a possible conflict of interest” for a recent IT implementation contract awarded by the University of Illinois (UI) medical center.

NewYork-Presbyterian, Walgreens Partner on Telemedicine Initiative

NewYork-Presbyterian and Walgreens are collaborating to bring expanded access to NewYork-Presbyterian’s healthcare through new telemedicine services, the two organizations announced this week.

ONC Releases Patient Demographic Data Quality Framework

The Office of the National Coordinator for Health IT (ONC) developed a framework to help health systems, large practices, health information exchanges and payers to improve their patient demographic data quality.

AMIA, Pew Urge Congress to Ensure ONC has Funding to Implement Cures Provisions

The Pew Charitable Trusts and the American Medical Informatics Association (AMIA) have sent a letter to congressional appropriators urging them to ensure that ONC has adequate funding to implement certain 21st Century Cures Act provisions.

Former Michigan Governor to Serve as Chair of DRIVE Health

Former Michigan Governor John Engler will serve as chair of the DRIVE Health Initiative, a campaign aimed at accelerating the U.S. health system's transition to value-based care.

NJ Medical Group Launches Statewide HIE, OneHealth New Jersey

The Medical Society of New Jersey (MSNJ) recently launched OneHealth New Jersey, a statewide health information exchange (HIE) that is now live.