Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Sutter Health Loses 3.3 Million Patient Records

After a laptop computer was stolen in October, Sacramento, California’s Sutter Health is informing over 3.3 million patients that information in their records is presumed stolen. The upside is that no financial information was lost, and the company used the notification delay to fix a major mistake.

After a laptop computer was stolen in October, Sacramento, California’s Sutter Health is informing over 3.3 million patients that information in their records is presumed stolen. The upside is that no financial information was lost, and the company used the notification delay to fix a major mistake.

The missing data was stored on a “password-protected unencrypted desktop computer” that was stolen towards the middle of October. One month later, Sutter Physician Services (SPS) and Sutter Medical Foundation (SMF) are coming forward with a mia culpa.

Sutter is reporting that for 3.3 million patients whose health care provider is supported by SPS, the stolen system included their name, address, date of birth, phone number and email address (if provided), medical record number and the name of the patient’s health insurance plan.

Another 943,000 SMF patients lost the exact same information, in addition to details on dates of services and a description of medical diagnoses and/or procedures used for business operation. SMF patents should be receiving notifications in the mail soon.

The medical groups said that they “worked hard” to notify patients sooner, but they “wanted to make sure we fully understood what data was contained on the stolen computer” in order to give comprehensive and accurate information.

In response to the theft, Sutter Health Data Security Office has already encrypted portable laptops and blackberries system wide.

According to a statement, they were “…in the process of encrypting desktop computers throughout the system when the theft took place. We have since accelerated our efforts to encrypt all computers and have implemented routine security software updates.”

“Sutter Health holds the confidentiality and trust of our patients in the highest regard, and we deeply regret that this incident has occurred,” said Sutter Health President and CEO Pat Fry.

Advertisement. Scroll to continue reading.
Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Mario Duarte, formerly head of security at Snowflake, has joined Aembit as CISO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.