Norfolk, Va.-based Sentara Heart Hospital has notified 1,040 patients that their protected health information may have been compromised after two hard drives containing sensitive information were stolen.
On the weekend of Aug. 14, two portable hard drives were stolen from a procedure area in the hospital normally restricted to staff and patients. "We believe these small portable hard drives were stolen for whatever street value they may have, and not for purposes of identity theft or fraud," according to the hospital.
The breach affects patients who underwent electrophysiology procedures in one of Sentara Heart Hospitals' electrophysiology labs between Sept. 4, 2014 and Aug. 14, 2015. The information on the portable hard drives included names, birth dates, unique patient identification numbers produced by Sentara and some physician notes about procedures. No billing information or Social Security numbers were stored on the drives.
"The identifying information is so limited it does not facilitate fraud," according to the hospital.
Sentara Heart Hospital said it now locks portable hard drives in a drawer, and only personnel have keys to open the drawers. Additionally, the hospital plans to implement additional security improvements.
More articles on data breaches:
Illinois orthopedics specialists report data breach due to stolen EMG machine, laptop
BCBS North Carolina notifies patients of 2 data breaches
Premera has incurred 38 lawsuits since March disclosure of data breach