Lucile Packard Children's Hospital in Palo Alto, Calif., and the Stanford University School of Medicine are notifying about 57,000 patients about a data breach that occurred Jan. 9, Healthcare IT News reports.
The recent incident follows three other data breach incidents at Lucile Packard or Stanford University Medical Center since 2010 (McCann, Healthcare IT News, 1/23).
Details of the Incident
On Jan. 9, a password-protected laptop computer with limited medical data about pediatric patients was stolen from a physician's car.
Information on the laptop primarily was from 2009 and pertained to past care and research (Roney, Becker's Hospital Review, 1/23).
On Jan. 10, the incident was reported to Lucile Packard. Patient data stored on the laptop included:
- Names;
- Dates of birth;
- Health record numbers; and
- Certain clinical data (Healthcare IT News, 1/23).
There is no indication that any patient data have been accessed or compromised, according to Lucile Packard (Lucile Packard release, 1/21).
Corrective Action
Stanford University School of Medicine in a statement said,"[W]e are taking additional steps to further strengthen our policies and controls surrounding the protection of patient data, including redoubling our efforts to ensure that all computers and devices containing medical information are encrypted" (Healthcare IT News, 1/23).
The medical school, Lucile Packard and law enforcement officials are working together to retrieve the laptop, according to Lucile Packard.
Individuals affected by the incident will be offered no-cost identity-theft protection services, the hospital said (Becker's Hospital Review, 1/23).