Stolen computers contained patient data from EHS patients
Elliott Health Systems, Inc. (EHS) in New Hampshire has notified the New Hampshire Department of Justice that on February 22, 2008, 10 computers were stolen from the headquarters of a business associate, Advanced Medical Partners, Inc. (AMPI).
By letter dated March 3, 2007 (sic), EHS reported that the computers may have contained ePHI on 6 NH residents such as names, dates of service at EHS, the name of their insurance company and the patients’ date of birth. EHS reports that they were told by AMPI that the computers have safeguards in place, including password against access to this information.
EHS sent notification letters to affected patients on March 13th. In the notification letter, Katherine St. Jean, Director of Compliance/Corporate Compliance Officer, apologized for any inconvenience the security breach may have caused. The notification letter did not advise patients whether they need to do anything to protect themselves and did not offer any additional resources.
AMPI provides urological cryosurgery services in the U.S. According to a press release announcing that HealthTronic Inc. had entered into a stock purchase agreement with AMPI that should be concluded this month, AMPI owns an interest in 30 entities that performed over 7,000 procedures and generated over $24 million of revenue in 2007.