Stolen Laptop Leads to Data Breach for Texas Rehab Hospital

HealthSouth Rehabilitation Hospital of Round Rock, Texas is notifying potentially affected individuals that a laptop containing unsecured protected health information (PHI) was stolen from the trunk of an employee’s vehicle a few months ago.

The information on the laptop varied by individual but may have included an individual’s name, address, date of birth, Social Security number, phone number, insurance number, diagnosis, referral ID number, or medical record number. At this time, the hospital is working to notify the nearly 1,400 potentially affected individuals via letter, its officials said.

HealthSouth Round Rock, previously Reliant Rehabilitation Hospital Central Texas, discovered the theft on Oct. 26, 2015 and promptly filed a report with the City of Austin Police Department. The laptop was password protected and, at this time, HealthSouth Round Rock officials said there is no evidence the information on the laptop has been accessed or used for purposes of identity theft or otherwise. The hospital’s information systems are not accessible from the stolen laptop.

While it is HealthSouth’s policy to encrypt all laptops, the laptop at issue which was used at the Reliant hospital prior to the acquisition was not encrypted. As part of HealthSouth’s post-acquisition integration process, all Reliant laptops were required to be returned and exchanged for encrypted HealthSouth laptops. The Reliant laptop at issue, however, was stolen before being returned to HealthSouth, officials said.