Oregon Health and Science University
4,022 (Nine Social Security Numbers reported)
The theft of a surgeon's unencrypted laptop resulted in the exposure of patient information.
UPDATE (07/6/2016): "The Department of Health and Human Services hit the University of Mississippi Medical Center (UMMC) with a $2.75 million fine over a health data breach, its second major privacy action in a week.
The HHS Office for Civil Rights (OCR) is penalizing UMMC for a series of alleged privacy and security violations of the Health Insurance Portability and Accountability Act, also known as HIPAA. The settlement relates to a password-protected laptop that went missing from the hospital’s intensive care unit in March 2013. After an investigation, the medical center determined the computer was likely stolen by a visitor who had asked to borrow it."
UPDATE (04/25/2013): The laptop was stolen from a surgeon's Hawaii rental home and was used for research purposes. Any laptops used for patient care are required to be encrypted while laptops used for research are not required to be encrypted. The laptop was used to access emails related to patient care such as patient names, medical record numbers, types of surgery and dates of surgery, times and locations of surgery, gender, age, and name of surgeon and anesthesiologist information. Nine patients had their Social Security numbers exposed.
Browse Privacy Topics
Background Checks & Workplace
Banking & Finance
Credit & Credit Reports
Harassment & Stalking
Identity Theft & Data Breaches
Online Privacy & Technology
Privacy When You Shop
Public Records & Info Brokers
Social Security Numbers
Who We Are
We are a nationally recognized consumer education and advocacy nonprofit dedicated to protecting the privacy of American consumers.