Walgreens suffers another data breach
Walgreens healthcare company has notified patients and employees of a data breach after computer hardware and other paper records containing the personal health information and Social Security numbers of patients was stolen.
Anaheim, Calif.-based Crescent Healthcare mailed out letters to patients and employees Feb. 21, notifying them of the theft which occurred Dec. 28, 2012. According to the letter, an unknown person or persons broke into Crescent's billing center and stole the hardware, which may have contained patient names, addresses, phone numbers, Social Security numbers, health insurance data, dates of birth and clinical diagnoses. The group notified authorities three days later.
"We are very sorry this happened, and we are cooperating with law enforcement to further investigate this incident," wrote Paul Mastrapa, president of Crescent Healthcare, in the letter. "Additionally, we have taken steps to prevent this from happening again including retraining employees and service providers on security, and [reviewing] our security policies and procedures."
It's unclear how many patients are impacted by this breach but this is not Walgreen's first HIPAA breach. In December, the pharmacy chain was ordered to pay nearly $16.6 million to settle a lawsuit over dumping hazardous waste and confidential patient health records. And in July 2012, more than 1,200 Walgreens customers had their personal health information compromised after the company reported a theft of paper records.