Breach Causes: Laptop Theft, DVD Losses
Older Breaches Added to Federal ListUnder the HITECH Act breach notification rule, organizations have 60 days to report breach incidents to federal authorities, the media and individuals affected. The HHS Office for Civil Rights says it adds incidents to its official tally once the details are confirmed.
Pediatric Sports and Spine, Grapevine, Texas, reported the Feb. 10 theft of an unencrypted laptop that may have included patient information on 955 individuals. That data may have included patient names, addresses, phone numbers, dates of births and Social Security numbers, as well as certain patient treatment or medication information.
In the other incident, The General Agencies Welfare Benefits Program, an arm of the General Council on Finance and Administration of the United Methodist Church, Nashville, reports that one of its business associates, Towers Watson, lost two DVDs when they were sent from one of the consulting firm's offices to another the first week of February.
The DVDs contained 2001 information on 1,874 General Agencies employees and other employees, former employees and family members covered by the benefits program. The information included names, health insurance plan numbers, and/or Social Security numbers of covered employees.