Executives at the Beth Israel Deaconess Medical Center (BIDMC) are in the process of notifying approximately 3,900 patients of a potential data breach of protected health information (PHI) due to a stolen physician personal laptop computer. According to BIDMC, the computer was stolen outside the physician’s office in May, and even though it contained a tracking device, it has not been recovered nor has the tracking device been activated.
According to BIDMC, the hospital hired national forensic firm to investigate if data was compromised and notified law enforcement, which arrested a suspect in the theft. Thus far, the hospital says, there here has been no indication that any information has been misused. The laptop contained short summaries of medical information used for administrative purposes within BIDMC. They were not complete medical records and did not contain patient financial information such as social security numbers.
“We take the incident extremely seriously, and have now accelerated implementation of a program to assist employees with protecting devices they purchase personally,” John Halamka M.D., BIDMC’s CIO, said in a statement. “We deeply regret and apologize for any concern or inconvenience this situation may cause our patients and families.”
The hospital says it has enhanced security in office buildings and is bringing forth a campaign that raises awareness about data security issues within the organization at all levels.
