Portland-based Oregon Health & Science University has begun to notify the parents of babies enrolled in a research study in its neonatal intensive care unit in 2013 that their children's data may have be compromised after a hard drive was reported stolen from a student's car. The number of potentially affected individuals is unknown, as the incident is not yet listed on HHS' Office of Civil Rights data breach portal.
This is the seventh data breach OHSU has reported since 2008, according to databreaches.net and the OCR's breach portal.
"The information included the patient's full name, date of birth, medical record number, diagnosis, doctor's name and some clinical information related to research," according to a Wednesday statement from the university. "The information did not include address, phone number, any insurance information, Social Security number or other identifiers that we believe would result in financial harm to patients or their families."
The university has set up a toll free number to offer more information for those who believe they may be affected by the breach. Additionally, the statement includes an assurance that the university has extensive policies in place to protect patient information.
More articles on health IT:
Centene finds missing hard drives that prompted breach notification
University of Rochester Medical Center off the hook for 2015 breach
Hospital auditing company reports stolen laptop containing 31k patients' data