Resource Anesthesiology Associates (RAA) of California has started notifying certain patients of Dignity Health’s Mercy Hospital Downtown and Mercy Hospital Southwest that some of their protected health information was stored on a laptop computer that has been stolen.
RAA of California provides anesthesiology services at the Dignity Health hospitals, which requires access to patient data. On July 8, the laptop was stolen from an RAA of California administrator. The theft was reported to law enforcement, but the device has not been recovered.
RAA of California conducted an investigation to determine which patient information was stored on the device and could potentially be accessed. The review confirmed the following types of information were stored on the device: Names, addresses, dates of birth, provider names, dates of service, diagnoses and treatment information, health insurance information, and other information related to patients’ medical care.
The laptop computer was protected with a password, which provides a degree of protection against unauthorized access. However, passwords can be cracked, so there is a risk that information on the laptop could be viewed by unauthorized individuals. RAA of California said to date there has been no evidence found which indicates any of the information stored on the laptop computer has been accessed or misused.
RAA of California believes the risk of misuse of patient data is low but, out of an abundance of caution, is offering affected individuals a complimentary membership to identity theft protection services through IDX. Patients will receive 12 months of CyberScan monitoring and will be protected by a $1 million identity theft insurance policy, which includes fully managed identity theft recovery services.
The post Stolen Laptop Contained the PHI of Dignity Health Patients appeared first on HIPAA Journal.