The 311-bed hospital, an academic medical center on the Stanford University campus, announced Monday that the patient information compromised included names, dates of birth, medical record numbers and other clinical data. Officials say the stolen laptop contained primarily patient data from 2009.   

 

[See also: Arkansas data breach remains unclear, gender discrimination lawsuit at core.]

 

Officials say the incident was reported to the hospital Jan. 10, which was followed by patient notification and an "ongoing investigation with security and law enforcement."

  

"As a result of this incident, we are taking additional steps to further strengthen our policies and controls surrounding the protection of patient data, including redoubling our efforts to ensure that all computers and devices containing medical information are encrypted," according to a press statement. 

 

 

In 2010, Stanford Hospital & Clinics notified nearly 20,000 patients that their protected health information had been wrongfully posted to a student website, which resulted in a class action lawsuit filed for $20 million. Later in July 2012, Stanford University Medical Center notified 2,500 patients of a HIPAA-breach after an unencrypted computer was stolen from a physician's office. 

 

Moreover, in January of 2010, Lucile Packard Children's Hospital reported a breach involving more than 500 patients after an employee stole a hospital computer. The hospital failed to report the breach within the five-day timeframe established by the state and eventually was slapped with $250,000 in fines.

 

This story has been updated.