While at a conference in Buenos Aires, a Boston Children’s Hospital employee lost a laptop containing a file with information about 2,159 patients, including names, birth dates, diagnoses, and treatment information. The laptop was password protected but not encrypted, according to a hospital press release.
The file, which did not include financial data or Social Security numbers, was not saved to the hard drive but was on the laptop in an e-mail attachment when it was stolen.
“Boston Children’s takes this incident and the protection of protected health and personal information extremely seriously,” Dr. Daniel J. Nigrin, the hospital’s chief information officer, said in a press release. “We take great measures to ensure that protected health information is never inadvertently released, and we are undertaking additional steps to prevent breaches such as this in the future.”
The hospital notified patients and their families of the breach by e-mail. Hospitals are required to notify the media when there is a breach of patient information affecting more than 500 people in one state. For more information, call the hospital during business hours at 855-281-5730.