Burglars Steal Server at Clinic40,000 Californians notified of breach
The April 2 burglary occurred at Silicon Valley Eyecare Optometry and Contact Lenses, Santa Clara, Calif. The server contained the practice's patient database, including names, addresses, phone numbers, and, in some cases, Social Security numbers, e-mail addresses, birth dates, family member names, insurance information and health information.
Local police have arrested one unnamed suspect in the case, who confessed to the crime, the practice reports. Security cameras showed two burglars entering through a window, and the search continues for the second intruder. But so far, authorities have no evidence that fraud has been committed using the data.
The practice notified patients, as well as federal regulators, as required under the HITECH Act Breach Notification Rule. It had backup data for all the information on the server stored off-site.
The practice is advising all its patients to monitor their insurance statements for errors, place a fraud alert on the credit files and monitor their credit reports.
In the wake of the incident, the practice has boosted physical security, storing the server in a locked safe bolted to the floor.