An unencrypted laptop was stolen from a Corvallis (Ore.) Clinic employee's car, prompting the clinic to report a breach of patient privacy.
The employee was reportedly attending a conference in Portland in November when the laptop was stolen from the locked car. The laptop was the employee's personal laptop and had not been evaluated or approved for use by Corvallis Clinic's IT security officer, according to the clinic's notice.
While the laptop was password-protected, it was not encrypted. The clinic indicates a patient data breach is "unlikely."
Patient health information stored in spreadsheets on the computer likely contained patient names, birth dates, name of healthcare provider and the reason for the visit. The clinic does not believe Social Security numbers or financial information were stored on the computer.
More articles on data breaches:
Tribeca Medical Center reports data breach due to stolen records
Target ruled negligent for massive holiday data breach: What does this mean for data breach precedent?
WellCare reports data breach caused by coding error