Hospital: Stolen laptop may compromise patient info

629 patients possibly affected by data breach

Published On: Dec 24 2013 08:18:15 AM CST   Updated On: Oct 01 2013 11:19:39 AM CDT

A Janesville hospital said information stored on a facility-owned laptop may be compromised because the computer was stolen in late August.

St. Mary's Janesville Hospital spokeswoman Joan Neeno said in a release Tuesday morning that the laptop was reported stolen Aug. 27 during a break-in of an SSM Health Care employee's car.

Neeno said the hospital identified 629 patients, treated at St. Mary's in Janesville between Jan. 1 and Aug. 27, who may have been affected by the breach. Letters to patients and guardians notifying them of the theft were mailed Monday, the hospital said.

Information that was vulnerable to compromise included patient names, dates of birth, medical records and account numbers, providers and departments of service, bed and room numbers, dates and times of service, visit histories, complaints, diagnoses, procedures, test results, vaccines and medications, according to the release. The hospital said the laptop did not contain any Social Security numbers, addresses, credit card numbers or financial information.

The hospital said the laptop was configured so that information could not be written to the hard drive, but email data was stored on the hard drive, which was a violation of hospital policy. While the information was password-protected, it was not encrypted, according to the hospital.

St. Mary's Janesville Hospital said it does not believe the laptop was taken to gain access to patient information or that the information has been accessed or misused.
The hospital said it will offer affected patients free identity theft monitoring for a year.