A physician’s unencrypted personal laptop that may have contained protected health information on 3,900 patients at Boston-based Beth Israel Deaconness Medical Center was stolen, the hospital admitted Monday.
The laptop, which was stolen in May from the physician’s office, has not been recovered; however, law enforcement has arrested a suspect, the hospital said in a statement. The laptop contained a tracking device, which unfortunately was not activated. The hospital has employed a forensic firm to determine whether the data were compromised.
NOTE: Nice control to put a tracking device, but would still have been a reportable breach. The key is that it is unencrypted... Remember, encrypt, encrypt, encrypt any device that stores PHI and that includes BYOD devices.