Premier Healthcare, a Bloomington, Indiana-based healthcare provider, suffered a data breach when a thief stole a laptop containing patient information from the company's billing department.
How many victims? 205,748 patients had at least some form of personally identifiable information exposed. Of this total, 1,769 individuals had records stolen that included social security numbers and/or financial information.
What type of information? For most patients: names, addresses, birth dates, medical record numbers, insurance information and clinical information. For 1,769 individuals: SSNs and/or financial information.
What happened? On Jan. 4, 2016, an unknown perpetrator stole a laptop from Premier's billing department inside its locked and alarmed administrative office in Bloomington. The laptop was password-protected, but not encrypted. Emails stored on the laptop's hard drive contained screenshots, spreadsheets, and pdf documents pertaining to patient billing issues, insurance companies and other healthcare providers.
What was the response? Premier filed a police report, and issued a press release on Mar. 3 (later updated Mar. 8) stating that patients were being notified of the breach. The laptop has not been found, nor has a suspect been identified. To avoid a similar incident moving forward, Premier has begun the process of encrypting all computers. The company also said it's “reviewing its processes and protocols.”
Details? According to Premier, there is no evidence that the culprits specifically targeted, accessed or used the information on the laptop. The company is advising individuals affected by this incident to contact its information line at 877-509-8356 or send an email to HIPAA@premierhealthca.
Source: Premier Healthcare press release
