Stolen OHSU laptop may contain some patient records

Another case of more personal information getting stolen in some way and then right after it happens the victimized organization says something to this effect, ” There is little or no evidence of the information being misused” in order to make those that were compromised feel better. The fact is , they have no way of knowing this and it is clear they are not in compliance with the new Red Flag rules. If you have been a patient of OHSU and you are concerned about potential Identity Theft, please log onto .

Stolen OHSU laptop may contain some patient records

by Don Colburn, The Oregonian

Saturday December 13, 2008, 10:18 PM

Oregon Health & Science University has sent letters to 890 patients informing them that a stolen laptop may have contained their health records.

The laptop was stolen last week from an OHSU employee in a Chicago hotel, while he was traveling on business.

In an effort to reassure patients, OHSU said the laptop was password-protected and called the risk of identity theft low. The data did not include Social Security numbers, addresses or specific treatments, OHSU said.

While the personal information in the database on the computer did not include enough detail to require notification under Oregon law, OHSU said it chose to alert the 890 patients. OHSU also flagged all of the affected patient records in its system to make sure requests for those data automatically receive higher scrutiny


One Response to “Stolen OHSU laptop may contain some patient records”

  1. John Franks Says:

    I like to pass along things that work, in hopes that good ideas make their way back to me. Data breaches and thefts are due to a lagging business culture – and people aren’t getting the training they need. As CIO, I look for ways to help my business and IT teams further their education. Check your local library: A book that is required reading is “I.T. WARS: Managing the Business-Technology Weave in the New Millennium.” It also helps outside agencies understand your values and practices.
    The author, David Scott, has an interview that is a great exposure:
    The book came to us as a tip from an intern who attended a course at University of Wisconsin, where the book is an MBA text. It has helped us to understand that, while various systems of security are important, no system can overcome laxity, ignorance, or deliberate intent to harm. Necessary is a sustained culture and awareness; an efficient prism through which every activity is viewed from a security perspective prior to action.
    In the realm of risk, unmanaged possibilities become probabilities – read the book BEFORE you suffer a breach.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: