Two external hard drives that contained patient information were stolen from a U.S. Department of Veterans Affairs’ Veterans Health Administration contract employee July 18. The employee was reportedly conducting a service call at Oklahoma City (Okla.) VA Medical Center.
One of the stolen hard drives was the master drive the contract employee used to copy the Mann-Grandstaff VA Medical Center’s anesthesia record keeper database, which was being decommissioned from a physical server to a virtual machine archive server in January. The compromised information may include patient names, Social Security numbers and surgical information, among other data.
“Although we cannot say for certain what information was stored on the stolen USB hard drive, we are alerting every veteran whose personal information resides on the decommissioned ARK server,” according to a Mann-Grandstaff VA Medical Center news release obtained by Becker’s Hospital Review.
In response to the security incident, Mann-Grandstaff VA Medical Center officials established a new media sanitization policy and will provide select patients with one year of free credit monitoring services.
More articles on cybersecurity:
Millennials most likely to practice ‘sloppy’ cybersecurity, survey finds
Hacking accounts for 50% of healthcare breaches in September: 5 report insights
Former Louisiana hospital employee may have improperly accessed patient records since 2003
