Carly Harrington reports:
Documents containing health information of about 750 Summit Medical Group patients was stolen from an employee’s vehicle earlier this month.
The records including patient names and diagnoses were taken Sept. 4 when a case containing information about certain Summit patients’ hospital discharges from December 2010 through August 2011 was among items stolen while an employee’s car was parked at the employee’s home.
Summit spokeswoman Jennifer Lawson said no patient Social Security numbers, home addresses or financial information were included in the documents.
The information, which did include Summit account numbers, dates of birth, primary physician’s names, names of hospitals and dates of discharges, pertained to those who see Knox County physicians at Emory Family Practice, Summit Medical Group at Deane Hill and Northshore Drive, Fountain City Family Physicians and Dr. Kenneth Reese.
Read more on KnoxvilleBiz.com.
Color me militant, but I would really like to see HHS and/or states’ attorney generals start issuing fines over laptops left in cars. It seems clear that despite the media coverage of such breaches, they continue to occur with alarming regularity. Maybe if businesses had to start paying hefty fines on top of the costs of mitigating any harm, notifications, etc., they’d get more serious about ensuring that unencrypted data aren’t leaving the building and certainly aren’t being left in unattended vehicles.
CORRECTION TO ABOVE: My apologies to Summit Medical Group. This was NOT a stolen laptop case. These were paper records.