Medical records keep getting compromised.  It does not seem to matter where people live, although the vast majority of breaches have been taking place in the northwestern part of the United States.  Even in remote Alaska, people are realizing that their identity is not secure.  The most recent incident took place at the Providence Alaska Medical Center where a laptop with information on over 250 patients has gone missing.  At this point, a spokeswoman for the center said that the laptop was not stolen, although it has not been seen since May 31.  She gave no indication of why she believes that the laptop was not stolen despite its long absence without anyone having seen it.

The laptop contained information on 250 oncology patients.  For most of these individuals, only medical data was lost, although this is still a violation of HIPAA laws and the federal government will investigate the incident to determine whether or not the medical center should suffer any penalty in federal funding.  However, despite the limited information on most patients, some files contained social security numbers, addresses, and dates of birth.  This is more than enough information for an identity thief to ruin the life of an individual.  At this point there is no word on how the laptop was secured, although if it had been password protected or encrypted, it is likely that the spokeswoman would have mentioned this so that peoples’ fears would have been lessened.

The patients information contained on the laptop had all visited the medical center between August 2005 and May 2007.  All the other files at the center are secure.  However, there will be a continuing investigation to see if more safety measures need to be added to the electronic network to prevent this type of thing from happening in the future.  At this time, there is no word as to whether or not outside consultants will be brought in to address this matter.

Letters have been sent out to the 250 affected people.  Within the letter the medical center said that it will provide a year’s worth of free credit monitoring.  One way that monitoring gets done is to enroll people into ID theft subscription services, such as Lifelock.  This company maintains connections with Trans Union, Equifax, and Experian to deal with credit card and loan applications that get filed.  Whenever this paperwork appears, Lifelock stops the process momentarily to contact its customer.  If the customer verifies that the paperwork is legitimate, it is allowed to go through, otherwise it is stopped from going through.  Since this is one of the most common ways that ID thieves use fraudulently gained information, Lifelock helps prevent ID theft before it starts.

Tags: Equifax, HIPAA, lifelock

This entry was posted on Wednesday, August 27th, 2008 at 12:24 pm and is filed under Government Breaches, Individuals. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.