Data Breach at Stanford Children's Hospital
A laptop was stolen from a Stanford University-affiliated hospital on Jan. 9th. The computer contained medical information and was unencrypted, although password protected. The breach has affected around 57,000 patients from the Lucile Packard Children’s Hospital, as per an announcement this Monday from the hospital.
Within their press release, the hospital explained that the affected persons were patients from 2009, and included names, dates of birth, basic medical descriptors, and medical record numbers. In some cases a small amount of contact information was present as well, but it was stated that “the patient data did not include financial or credit card information”.
The stolen laptop was reported the day after the incident. An investigation was promptly launched with law enforcement that is currently ongoing. The hospital also quickly started contacting the patients who were potentially affected to inform them of the breach. In response to this theft, the victims are offering free identity protection services and can call 855.731.6016 in order to get answers to any questions that they may have. Anyone affected can also go to this website in order to get more information, or answers to the most frequently asked questions.
In response to the breach, the hospital had this to say:
“Lucile Packard Children’s Hospital and the School of Medicine strive to be industry leaders in the area of medical information security. As a result of this incident, we are taking additional steps to further strengthen our policies and controls surrounding the protection of patient data, including redoubling our efforts to ensure that all computers and devices containing medical information are encrypted.”
Online Tech (www.OnlineTech.com) is the leader in secure and compliant hosting services including private cloud hosting, managed cloud hosting, hybrid cloud hosting, managed dedicated servers, disaster recovery and offsite backup services, and Michigan colocation. Online Tech’s legacy of independent HIPAA, PCI, SAS 70 Type II, SSAE 16 Type II (SOC 1), SOC 2, and SOC 3 audits and reports ...
Other Posts by Thu Pham
The moderated business community for business intelligence, predictive analytics, and data professionals.