The University of California at San Francisco is the latest source of a potential patient medical record mishap after a laptop was stolen and later recovered earlier this week.
Officials with the university’s medical center said that personally identifiable information and confidential medical records from some 4,000 patients went missing from an employee’s luggage following a domestic flight on November 30. His computer was recovered on January 3, though no information was given about how far or where the computer traveled during its month-long hiatus. Investigators have not yet determined whether any of the information contained on the laptop was compromised or otherwise copied from the laptop hard drive, but the university said data including patient names, health insurance plans, social security numbers and other medical information is most likely compromised.
This is the second incident of a patient data breach stemming from the University of California at San Francisco in recent days. Last month, a university professor admitted that he was the victim of a phishing scheme in which some 600 patients’ information was sent over the Internet to an undisclosed server by mistake. Insurance company Kaiser Permanente recently informed 15,000 of its health insurance subscribers that it lost sensitive information, also from the company’s laptop computers and external, portable hard drives (including one that was stolen from an employee’s automobile) between 2008 and 2009.
Such high-profile incidents of medical records breaches are likely to become a side-debate in the battle over health care reform. Some Senators have publicly called for a review and update of current HIPPA laws that do not adequately address data storage requirements now that health insurance companies and medical providers are storing information on servers that are housed away from their own facilities.