Another HIPAA Breach

Posted by BAS - 02 May, 2013

header-picture

Oregon Health & Science University has reported a breach of personal health information for 4,000 patients. The breach occurred when an unencrypted laptop was stolen from a surgeon’s rental property when he was on vacation in Hawaii.

The patient information was located in emails stored on the laptop, and contained daily surgery schedules. The information included name, gender, date of birth, medical record number, type of surgery and surgery date.

While OHSU requires encryption for laptops used for patient care, the particular laptop in question was used for research purposes and was not encrypted. OHSU employees had to comb through each email remotely to read the messages to determine exactly which patient information was implemented. They had to call in security experts to determine exactly what information was on the stolen computer and how many people were affected.

This incident is a reminder of the importance of encrypting laptops and monitoring information sent by email.

Topics: MyEnroll360 Security


Recent Posts

Question of the Week - Mid-Year Enrollment for Health Coverage

read more

OCR Reports to Congress on HIPAA Compliance and Breaches of Unsecured Protected Health Information

read more

Find your QELs in MyEnroll360

read more