CVS pharmacy patients' data at risk after vendor reports stolen laptop

On March 22, CVS Pharmacy learned that a laptop containing health information of patients from a Calera, Ala., location was stolen from a vendor site in Indianapolis, according to

Although the laptop was password-protected, patient information was not encrypted, according to a statement from CVS. The information may have included addresses, phone numbers and prescription information, according to CVS.

"Based on our thorough review of this matter, we believe this incident is an isolated issue which was not caused by lack of internal controls or other systemic issues," CVS spokesman Mike DeAngelis told in an emailed statement. "The vendor will further enhance its internal controls to prevent similar issues in the future."

CVS is in the process of notifying patients who may be affected, which are limited to the Alabama location. 

More articles on data breaches:

US government at the bottom of the barrel when it comes to cybersecurity: 7 insights 
Consumers unphased by data breaches, just 11% take business elsewhere 
96% of health IT professionals feel vulnerable to data breaches 

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Top 40 Articles from the Past 6 Months