Two laptops were stolen from an administration building of a Gabriel Valley-based hospital group. This laptop theft resulted in compromise of health information of 729,000 patients.
The stolen laptop contained data of patients treated at AHMC hospitals: Garfield Medical Center in Monterey Park, Monterey Park Hospital, Greater El Monte Community Hospital in South El Monte, Whittier Hospital Medical Center, San Gabriel Valley Medical Center and Anaheim Regional Medical Center.
The laptops were swiped from a video-monitored office on a medical campus that according to officials is gated and patrolled by security. The suspects broke into the office and stole two password-protected laptops.
AHMC spokesman Gary Hopkins, said the Alhambra police was called by the hospital group as soon as the theft was discovered.
The stolen laptops contained data including patients’ names, Medicare/insurance identification numbers, diagnosis/procedure codes and insurance/patient payment records, According to the information given by hospital group. Some of the files contained the Social Security numbers of Medicare patients.
As there was no evidence that the information was accessed, but that cannot be ruled out. “We regret any inconvenience or concern this incident may cause our patients” AHMC Healthcare Inc. officials said in a statement.
AHMC Healthcare had already hired an auditing firm to perform a security risk assessment and it was following the recommendations, officials said. Administrators will now follow a policy of encrypting all laptops.
“Affected patients may want to place fraud alerts on their credit files and order their credit reports to look for fraudulent activity” said hospital officials.
Under federal law, hospitals with medical data breach involving more than 500 people needs to be reported. The breach of 729,000 files would rank as the 11th largest in the nation when compared to data on the U.S. Department of Health & Human Services website. In California, two other medical groups have had larger data compromises involving more patients.
Alertsec strengthens security
Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.
Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.