Lucile Packard suffers second data breach in six months

Stolen laptop contained info on close to 13,000 patients
Tools

Lucile Packard Children's Hospital, a 311-bed facility in Palo Alto, Calif., has suffered its third data breach in four years--and its second in six months--this one potentially effecting 12,900 patients.

According to an announcement on the hospital's website, a password-protected, non-functional laptop computer that potentially could have contained limited medical information on pediatric patients was stolen from a "secured, badge-access controlled area of the hospital" between May 2 and May 8. Information on the laptop was related to operating room schedules over a three-year period beginning in 2009, so no financial information or Social Security numbers were compromised, according to the hospital. Vulnerable information, however, included patient names, ages, medical record numbers, telephone numbers, scheduled surgical procedures and names of physicians involved in procedures. 

According to the hospital, no evidence exists that the information has been accessed by an outside source.

Efforts to recover the computer to date have been unsuccessful, and the law enforcement investigation has ended, the hospital said.

In January, information for 57,000 Lucile Packard patients was put at risk when a laptop, which contained mostly research and follow-up care information, was stolen from an off-campus physician's car. Three years earlier, a Lucile Packard employee stole a password-protected desktop computer containing information on more than 500 patients. The hospital initially was fined $250,000 by the California Department of Public Health for allegedly reporting the incident 11 days beyond a required window, although that fine eventually was reduced to $1,100.

To learn more:
- read the announcement from Lucile Packard

Related Articles:
Info for 57,000 patients at risk after laptop stolen from Lucile Packard
Hospital appeals $250K data breach penalty
Thefts at Stanford, Oregon hospitals jeopardize patient info for nearly 17k
Lost USB drive compromises info for Medicaid recipients
Health department breach impacts 24K Medicaid patients