Allina suffers patient data theft

Thousands of patient social security numbers and names went missing last week when a laptop was stolen from a nurse working for Minneapolis-based Allina Hospitals and Clinics. Under Allina's obstetrics home-care program, nurses visit homes to monitor high-risk pregnancies and check in on mothers and babies. Last week, an affiliated nurse returned from dropping off a specimen at a lab to find that her laptop was gone, complete with patient data from about 14,000 households.

An Allina spokesman pointed out that the patient information on the laptop was protected by two passwords, but as IT experts know, that would not necessarily stop a determined hacker from accessing the data. It seems unlikely that the data was encrypted, if consumer news accounts are accurate. Executives at Allina were quick to offer affected patients one year worth of free credit monitoring. They've also vowed that in the future, laptops won't store Social Security numbers.

While this incident can't help its reputation much, the Allina system has otherwise worked to position itself as a technology leader. Allina is spending $240 million to bring all of its 11 hospitals and 67 clinics online with its EMR system, Excellian, which is sold by health IT vendor Epic Systems. When someone stole 24 million records from the VA under similar circumstances, it helped to trigger a $16 million realignment project. Perhaps Allina's security people will have a bigger budget to play with shortly.

Get more background on the data theft:
- read this article in the Minneapolis Star-Tribune