Second Decoded Laptop Computer Thieved from Rocky Mountain Medical Care Facilities

Rocky Mountain Medical Care Facilities has found that a decoded laptop computer has been thieved from one of its workers. This is the second incident of this type to be uncovered during three months.

The latest case was detected on September 28. The laptop was found to have the PHI of a limited quantity of patients. The kinds of information saved on the laptop contained first and last names, dates of birth, addresses, Medicare numbers, health insurance info, and partial treatment info.

The case has been reported to police and patients affected by the case have been alerted by post.

Rocky Mountain Medical Care Facilities, which also works as Rocky Mountain PACE, HealthRide, and Rocky Mountain Alternatives for Long Time Care, also found on June 18, 2017 that a laptop and mobile phone were thieved from a former worker. The appliances had names, addresses, limited treatment information, dates of birth, and health insurance particulars.

So far, just one of those cases has shown on the Division of Health and Human Services’ OCR breach portal. That event, informed on November 16, shows 909 patients were affected. It is not clear whether it is the 1st or 2nd laptop computer thievery.

In reaction to the breaches, Rocky Mountain Medical Care Facilities has been studying its procedures and policies regarding the safety of patient information as well as moveable electronic appliances and is thinking to include moveable appliance management technologies as well as files encryption for its moveable electronic appliances.

As the OCR breach portal demonstrates, the theft and loss of unencrypted moveable electronic appliances is still the main reason for healthcare data breaches and one which the use of data encryption skills can easily avoid. Thus far in 2017, there have been 31 breaches informed by protected units and BAs that have involved the theft or loss of unencrypted laptops and other moveable electronic devices.