St. Joseph Health Notifies Nearly 34K Patients of Stolen Health Records

A thumb drive containing health records of nearly 34,000 patients was recently stolen from a Santa Rosa Memorial Hospital medical office in Santa Rosa, Calif., according to a Press Democrat report.

The drive was stolen June 2 from an unlocked employee locker at the former Redwood Regional Medical Group imaging center, according to St. Joseph Health, which operates the office. The following day, hospital officials learned the drive was missing from the locker of a staff member who had backed up X-ray records on the drive in preparation for a data migration to Santa Rosa Memorial’s electronic medical records (EMR) system, according to a report in the North Bay Business Journal.

The drive contained information on 33,702 patients who received X-ray services at the office over a five-year period between Feb. 2, 2009 and May 13, 2014, said Katy Hillenmeyer, a spokeswoman for St. Joseph.

The information contained on the device included patients' first and last names, gender, medical record numbers, date of birth, date and time of service, area of body X-rayed, the X-ray technologist's name and the radiation level required to produce the X-ray, Hillenmeyer said. The data was restricted to X-rays only. No other imaging exams—such as mammograms or MRIs—were included on the drive. The information did not include Social Security numbers, financial information, insurance data or diagnoses, officials said.

“We take our obligation to protect our patients' privacy very seriously,” Todd Salnas, president of St. Joseph Health in Sonoma County, said in a statement. “We apologize to those patients affected and have already implemented a number of security measures and other protocols so that this doesn't happen again.”