Two more hospitals have been hit with a data breach, and both were caused by burglary. Officials at the Portland-based Oregon Health & Science University Hospital (OHSU) announced that a USB drive containing data for more than 14,000 patients, 200 employee and specific patient information for 702 pediatric patients was stolen from the house of an employee recently.
The hospital says nearly the patient data was password-protected. It says it has conducted an extensive investigation into exactly what was taken and the steps needed to access the password-protected data and open the files in a readable format. The data is an attempt to track the results of vision screenings for newborns born prematurely.
For the 702 pediatric patients, all of whom are getting letters from OHSU, the information on the drive included their name, date of birth, phone number, address, and OHSU medical record number. The drive also included specific information on nearly 200 OHSU employees including names, Social Security numbers, addresses, and employment-related vaccination information.
The drive data was stolen during the burglary of an OHSU employee's home July 4 or 5, the hospital said. The employee inadvertently took the USB drive home in a briefcase at the end of the workday. During the home burglary, the briefcase along with several other items was stolen.
In addition, there was also a recent data breach at the Stanford Medical School. Hospital officials recently announced laptop containing information of 2,500 patients was stolen from a doctor’s office on July 15. The officials, who are notifying patients by letter, say based on tracking information installed within the software, they do not believe any information has been accessed.