Breach Involves Missing Flash Drive

Nearly 25,000 Louisville hospital patients notified
Breach Involves Missing Flash Drive
A psychiatric hospital in Louisville is notifying 24,600 patients about a breach involving the loss of an unencrypted flash drive.

Our Lady of Peace Hospital reports that the flash drive, which was discovered to be missing April 1, included information on admitted patients dating back to 2002, including names, room numbers, insurance and admission and discharge dates. In addition the flash drive included information on patients assessed since 2009 but not admitted. This included patient name, date of assessment, date of birth and time the patient left the facility.

For both types of patients, the information did not include any information on diagnosis or treatment, Social Security number or contact information.

In the letter to patients, required under the HITECH Act's breach notification rule the hospital advised individuals to place fraud alerts on their credit reports and then monitor their credit ratings.

In a media statement, the hospital said it is:

  • Re-educating staff about the appropriate way to handle patient information and protect electronic information;
  • Adopting encryption for software and computers; and
  • Taking appropriate disciplinary action against staff members involved.

About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.