Wednesday, September 10, 2014

Data Breach on 3,780 Temple Patient Records

By Walter F. Roche Jr.
Personal health records for 3,780 patients which could be used for identity theft were stolen in late July from an office of the Temple University Physicians in Philadelphia.
Rebecca Harmon, spokeswoman for Temple University Hospital said Wednesday in an email response to questions that letters have been sent to all the affected patients informing them of the theft and offering a year's worth of free identity monitoring service.
According to Harmon an unencrypted desk top computer containing the patient records was stolen from a Temple University Physicians department of surgery office in July. The theft was discovered July 21.
"The computer contained files with patient information that could be used for identity theft," Harmon said in the email.
The files included the "full name, age, procedure type and billing codes for 3,780 patients... and in some instances the name of the referring physician and or medical records number," she continued.
Harmon stressed, however, that the files did not include social security numbers or any financial data.
She said the theft was reported to local police and the U.S. Department of Health and Human Services, which requires the reporting of such incidents affecting 500 or more people.
"We deeply regret this incident and the inconveniences this may have caused our patients," Harmon concluded.
She said that in addition to an internal investigation other steps have been taken to prevent a recurrence including staff training and heightened security procedures.
The Temple incident is the second in recent weeks involving health records of Philadelphia area patients. The parent company of Chestnut Hill Hospital and several other Pennsylvania hospitals, Community Health Systems, reported that thousands of patient records may have been improperly accessed earlier this year by hackers from China.