A stolen unencrypted laptop is the source of a data breach affecting customers of a CVS Pharmacy in Calera, Ala., according to a report by AL.com.
CVS learned on March 22 that the password-protected laptop had been stolen from a vendor, according to the report. The laptop contained pharmacy customers' information including patient names and in some cases addresses, telephone numbers, prescription names, numbers and dispensing dates. There was no financial information on the laptop.
CVS spokesman Mike DeAngelis said the vendor did not have access to patient information at any other Alabama stores, AL.com reported. The vendor could have had access to patient information at other stores outside of the state, but only information from the Calera location was on the stolen laptop.
"Based on our thorough review of this matter, we believe this incident is an isolated issue which was not caused by lack of internal controls or other systemic issues," according to DeAngelis. "The vendor will further enhance its internal controls to prevent similar issues in the future."
CVS also is working with the vendor to make sure it's taking remedial and corrective steps so it can keeping working for CVS.
Editor
Editor Beth earned a bachelor’s degree in journalism and master’s in health communication. She has worked in hospital, academic and publishing settings over the past 20 years. Beth joined TriMed in 2005, as editor of CMIO and Clinical Innovation + Technology. When not covering all things related to health IT, she spends time with her husband and three children.