The Los Angeles-based UCLA Health System has been hacked again, just recently announcing that it is sending notification letters to 1,242 individuals about the theft of a laptop computer containing patient information.
The laptop, which was password protected, was reported stolen July 3 and belonged to a faculty member. Upon receipt of the report, UCLA Health initiated an analysis of a backup disk made available by the faculty member to determine whether protected health information or other restricted information was stored on the device and, if so, whose. This review was completed on August 14, 2015, the organization said.
The information on the laptop included names, medical record numbers, and health information used to help prepare patient treatment plans. No social security numbers, health plan ID numbers, credit card numbers, or other financial data were stored on the stolen laptop, UCLA Health officials said. At this time, there is no evidence that any individual’s personal or medical information stored on the laptop has been accessed, disclosed, or used. UCLA Health does have policies and programs in place to identify “red flags” or warnings of possible medical identity theft and inform patients when these are found, it said.
This incident comes after one in July when a massive data breach hit the health system, affecting 4.5 million people. It turns out that in that breach, the data involved had not been encrypted.
About the Author
Rajiv Leventhal
Managing Editor
Rajiv Leventhal is Managing Editor of Healthcare Innovation, covering healthcare IT leadership and strategy. Since 2012, he has been covering health IT developments for the publication's CIO and CMIO-based audience, and has taken keen interest in areas such as policy and payment, patient engagement, health information exchange, mobile health, healthcare data security, and telemedicine.
He can be followed on Twitter @RajivLeventhal