Stanford reports fifth big HIPAA breach

Stolen laptop at children's hospital compromises PHI of 13,000
By Erin McCann
June 13, 2013
10:14 AM
Officials at Stanford University's Lucile Packard Children's Hospital are notifying nearly 13,000 patients that their protected health information has been compromised following the theft of a hospital laptop. 
 
An employee notified the hospital May 8 that an unencrypted laptop containing medical information on pediatric patients had been stolen from a badge-access controlled area of the hospital. Officials say the laptop contained patient names, ages, medical record numbers, surgical procedures, names of physicians involved in the procedures and telephone numbers. 
 
This is the fifth big HIPPA breach for Stanford University. 
 
Following Stanford's most recent HIPAA breach in January, hospital officials said they were "redoubling efforts to ensure that all computers and devices containing medical information are encrypted." 
 
Robert Dicks, spokesperson for Lucile Packard, said hospital officials have taken steps to prevent another HIPAA breach from happening in the future. He cited new HIPAA training and enhanced IT security and compliance education. 
 
"It is important to reiterate that in the recently reported breach at Packard Children's Hospital, the stolen device was an older, non-functioning laptop with a seriously damaged screen," he explained in an emailed statement to Healthcare IT News. "The employee had already begun using a newer, non-damaged laptop that was encrypted."
 
Diane Meyer is the chief compliance and privacy officer at Stanford Hospital & Clinics and Lucile Packard, and Ed Kopetsky was hired in 2009 as the hospital's chief information officer.
 
 
Just in January, the Palo Alto, Calif.-based Lucile Packard Children's Hospital notified some 57,000 patients of HIPAA-breach after an unencrypted company laptop containing patient medical information was stolen from a physician's car. 
 
In 2010, The New York Times reported Stanford Hospital & Clinics notified nearly 20,000 patients that their protected health information had been wrongfully posted to a student website, which resulted in a class action lawsuit filed for $20 million.
 
Later in July 2012, Stanford University Medical Center notified 2,500 patients of a HIPAA-breach after an unencrypted computer was stolen from a physician's office, according to HHS.  
 
Moreover, in January of 2010, Lucile Packard Children's Hospital reported a breach involving more than 500 patients after an employee stole a hospital computer. The hospital failed to report the breach within the five-day timeframe established by the state and eventually was slapped with a fine.
 
 
The hospital is offering a year of identity theft protection to affected families that wish to have it.
Topics: 
Privacy & Security

More regional news

Capitol rotunda at sunset

Congress releases AI policy blueprint

By
Andrea Fox
December 20, 2024
Epic booth at HIMSS global conference

Epic files to dismiss antitrust lawsuit

By
Andrea Fox
December 20, 2024
Representatives of NUS Medicine, Kailuan General Hospital, Tianjin Medical University, and Tianjin Medical University General Hospital pose after signing their MOU

Chinese hospitals join NUS Medicine's big health data project

By
Adam Ang
December 19, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Capitol rotunda at sunset
Congress releases AI policy blueprint

Most Read

Winning cybersecurity warfare is the ultimate millstone for CISOs
A passwordless future for clinicians? Industry paper points to a new paradigm
White House OMB is reviewing proposed cybersecurity updates to HIPAA
HC3 alerts providers of Scattered Spider threat
New Oracle EHR promises AI-enabled reinvention
Work like 'a beehive, an ant colony' to protect against cyber intruders

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

John Saran at Holland & Knight_Modern office buildings in London Photo by Tim Grist Photography/Moment/Getty Images
PE and healthcare investment: What's next for 2025
Sponsored by
Healthcare worker talking to patient
New infusion pumps may help lighten nurses’ workload
Dr Chien-Tzung Chen 4t Linkou Chang Gung Memorial Hospital_HIMSS24 APAC
Linkou Chang Gung Memorial Hospital eyes remote patient monitoring at home
Dan Torrens at eHealth Technologies_Blockchain in healthcare concept Photo by ArtemisDiana/iStock/Getty Images Plus
Getting providers from point A to B

More Stories

Dr. Eric Liederman, CEO of CybersolutionsMD
Q&A: CybersolutionsMD CEO on preventing cyberattacks
Change healthcare booth
Nebraska sues Change Healthcare over ransomware attack
Vijayashree Natarajan of Omega Healthcare on AI
Three for 2025: data security, cancer informatics and agentic AI
Capitol Hill
Congress looks set to extend telehealth and hospital-at-home flexibilities
Josh Di Frances at LG NOVA_Top down view of startup team Photo by NanoStockk/iStock/Getty Images Plus
What a startup pitch competition shows about IT innovation
Ravi Teja Karri of Froedtert Health on AI
Using AI and ML in predictive analytics for bed demand forecasting
Abstract image of AI brain and technology
ASTP updates HHS AI Use Case Inventory for 2024
Female doctor on laptop smiles at patient in foreground who is taking notes
Report shows overwhelming doctor support for virtual care