Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Sutter Health Loses 3.3 Million Patient Records

After a laptop computer was stolen in October, Sacramento, California’s Sutter Health is informing over 3.3 million patients that information in their records is presumed stolen. The upside is that no financial information was lost, and the company used the notification delay to fix a major mistake.

After a laptop computer was stolen in October, Sacramento, California’s Sutter Health is informing over 3.3 million patients that information in their records is presumed stolen. The upside is that no financial information was lost, and the company used the notification delay to fix a major mistake.

The missing data was stored on a “password-protected unencrypted desktop computer” that was stolen towards the middle of October. One month later, Sutter Physician Services (SPS) and Sutter Medical Foundation (SMF) are coming forward with a mia culpa.

Sutter is reporting that for 3.3 million patients whose health care provider is supported by SPS, the stolen system included their name, address, date of birth, phone number and email address (if provided), medical record number and the name of the patient’s health insurance plan.

Another 943,000 SMF patients lost the exact same information, in addition to details on dates of services and a description of medical diagnoses and/or procedures used for business operation. SMF patents should be receiving notifications in the mail soon.

The medical groups said that they “worked hard” to notify patients sooner, but they “wanted to make sure we fully understood what data was contained on the stolen computer” in order to give comprehensive and accurate information.

In response to the theft, Sutter Health Data Security Office has already encrypted portable laptops and blackberries system wide.

According to a statement, they were “…in the process of encrypting desktop computers throughout the system when the theft took place. We have since accelerated our efforts to encrypt all computers and have implemented routine security software updates.”

“Sutter Health holds the confidentiality and trust of our patients in the highest regard, and we deeply regret that this incident has occurred,” said Sutter Health President and CEO Pat Fry.

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...