Compromised information included name, address, phone number, date of birth, Seton medical record number, patient account number, some Social Security numbers, diagnosis, immunizations and insurance information. Seton immediately notified the Austin Police Department and said it has taken steps to reduce the possibility of this happening again, such as implementing new actions to enhance physical security for all of its facilities.
Upon discovering that the laptop had been stolen, Seton began a thorough investigation regarding the contents of the stolen laptop. Seton’s investigation determined that the stolen laptop included demographic information about patients seen at Seton McCarthy, Seton Topfer and Seton Kozmetsky community health centers and the Seton Total Health Partners program. Unfortunately, due to a missed technology glitch during installation, this specific laptop did not have encryption software installed as required by Seton policy.
Seton partnered with CSID, a leading provider of global enterprise-level identity protection and fraud detection, to provide free identity theft protection for one year for affected patients.
Individual letters are being sent to each patient or guardian by CSID with instructions for accessing this protection, which includes credit monitoring – such as reviews of loan applications, negative comments on credit reports and bankruptcy and lien filings – and extensive monitoring of internet posts; debit reports covering 90 percent of U.S. banks and 75,000 retailers; and public records, including property deed transfers, mail forwarding, new phone service and uses of alias associated with individual Social Security numbers.
Boone Hospital of Columbia, Mo. became aware of an internal patient data breach on September 18 and wrote to affected patients last week, komu.com reports. A Boone Hospital patient sent KOMU 8 News a letter from Boone admitting to the breach and the organization believes about 125 patients were affected.
Privacy director Kathleen Pitzer said employee working for a physician clinic had breached the patient information and said a patient called September 16 and reported that she believed an employee of a staff physician had inappropriately accessed her personal health information. The employee’s access history indicated that she had access to personal health information protected health information such as Social Security numbers, birth dates and treatment-related records such as prescribed treatment and diagnoses.
Boone Hospital terminated the employee’s network access will pay for a one-year patient credit monitoring program.
“The hospital and the practice cooperated on an immediate investigation and have taken appropriate action regarding the practice’s employee,” Media relations spokesman Jacob Luecke said. “Any patient whose record may have been accessed has been notified.”