Philadelphia-based Penn Medicine mailed letters to roughly 1,000 patients, alerting them to a potential compromise of their personal information after an unencrypted laptop was stolen from the hospital, a spokesperson told Becker's Hospital Review.
The laptop contained a file with patient names, dates of birth, medical records and patient account numbers, and some demographic and medical information. The file did not include patients' social security numbers, credit card numbers, bank account information, addresses or telephone numbers.
Penn Medicine is working with the police, its computer manufacturer and relevant internet service providers to determine the scope of the incident. To date, there is no evidence the laptop had been turned on or accessed. The spokesperson noted the laptop was protected by a strong password.
More articles on cybersecurity:
Ripple soars 160% in 1 week, but its hard to buy
Survey: Americans trust healthcare industry with personal data more than government
McAfee: Healthcare tops Q3 security incidents — 3 things to know