Laptop theft cause of Cedars-Sinai breach

Laura Pedulli | | Health Exec | Cybersecurity

Cedars-Sinai Health System is alerting at least 500 patients that their health information may be at risk following the theft of one of its laptops, reports SC Magazine.

In a notice—which does not cite the number of patients impacted—Cedars-Sinai officials wrote that “there is no indication of any actual or attempted unauthorized access to health information” nor that the laptop contained complete medical or billing records. Since the incident, remote access from the laptop has been terminated, according to the Los Angeles-based health system.

The theft occurred at the home of an employee, who was using the laptop for troubleshooting software used for clinical laboratory reporting. The laptop was among many items stolen from the home.

The laptop was password-protected, but did not contain additional encryption software, which is against Cedars-Sinai policy. “As a result, some information was potentially stored in temporary files on the laptop's hard drive at the time of the theft.” The local police investigation is ongoing and the laptop is not yet recovered, according to the notice.

Information at risk varied depending on the individual, but consisted in general of some combination of medical record number, patient identification number, lab testing information, treatment information and diagnostic information. A small percentage of the files also contained the patient's Social Security number or other personal information.

"Even a potential data security incident on a single computer, as has occurred here, is not acceptable to us. We apologize to the people affected by this incident, and have taken actions to prevent any reoccurrence,” David Blake, Cedars-Sinai's chief privacy officer, said in a statement.


 

Laura Pedulli

Related Content

Healthcare hacker sentenced to 10 years in prison
Ransomware group deploys ticking clock to threaten Georgia hospital
Hackers were inside an Iowa hospital’s network for two weeks
Microsoft: Ransomware hit nearly 400 healthcare entities this year—a 300% rise since 2015
Feds make it official: Change data breach was the largest in healthcare history, impacting 100M
CMS contractor takes $1.2M loss after data breach, DOJ lawsuit

Around the web

Cardiovascular Business
Q&A: MedAxiom CEO explores key trends in cardiologist, cardiovascular surgeon compensation

Compensation for heart specialists continues to climb. What does this say about cardiology as a whole? Could private equity's rising influence bring about change? We spoke to MedAxiom CEO Jerry Blackwell, MD, MBA, a veteran cardiologist himself, to learn more.

Cardiovascular Business
Payment cuts and beyond: Key takeaways for cardiologists from the 2025 Medicare Physician Fee Schedule

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

AI in Healthcare
A modest proposal to rally AI regulators around a simple game plan

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”