Stolen unencrypted drive impacts 34K
A stolen unencrypted USB drive is the source of a breach affecting almost 34,000 patients.
The USB drive was stolen from the unlocked locker of an employee of 278-bed Santa Rosa Memorial Hospital in Santa Rosa, Calif., operated by St. Joseph Health System. The organization is notifying affected patients who had their x-ray data compromised after the June 2 burglary at the hospital's outpatient imaging center. Patient names, gender, medical record number, dates of birth and dates of service were also contained on the USB drive.
Hospital officials remain tightlipped regarding the incident, citing the ongoing investigation with the Santa Rosa Police Department.
The employee had backed up the x-ray records on the unencrypted drive in preparation for migration to Santa Rosa Memorial's EHR system, according to a release.
"Following this burglary, we immediately heightened security measures and training at our new Sotoyome Drive facility, and are committed to preventing such an intrusion from happening again," Todd Salnas, president of St. Joseph Health in Sonoma County.
Santa Rosa Memorial officials are offering one-year-long credit monitoring and identity theft protection services to affected patients.
This is the St. Joseph Health's third reported HIPAA breach, according to data from the Department of Health & Human Services. Each incident involved the loss or theft of unencrypted electronic devices.
Editor
Editor Beth earned a bachelor’s degree in journalism and master’s in health communication. She has worked in hospital, academic and publishing settings over the past 20 years. Beth joined TriMed in 2005, as editor of CMIO and Clinical Innovation + Technology. When not covering all things related to health IT, she spends time with her husband and three children.