A pair of laptops containing unencrypted patient data was stolen from Horizon Blue Cross Blue Shield of New Jersey’s (BCBSNJ) Newark headquarters, according to a report on NJ.com. The Apple MacBook Pros held information from almost 840,000 Horizon BCBSNJ members.
Horizon reported the missing laptops to the Newark Police Department on Monday, November 4. It is believed that the laptops, which were cable-locked to workstations, were stolen over the weekend. Information housed on the laptops includes names, addresses, dates of birth, clinical information, and Social Security numbers.
A message posted on Horizon BCBS’s website stated the following:
We have no reason to believe that the laptops were stolen for the information they contained or that the information has been accessed or used in any way. However, in an abundance of caution, we began sending letters to affected members on December 6, 2013.
Horizon BCBSNJ has also established a dedicated call center for members to contact with any questions. If you believe you are affected but have not received a letter by December 20, 2013, please call 877-237-9502 Monday through Friday between 9:00 a.m. and 7:00 p.m. Eastern Time (closed on U.S. observed holidays), and provide the following ten digit reference number 2156112613 when prompted.
In addition to notifying patients, the insurer also notified the Department of Health and Human Services (HHS), the state’s Department of Banking and Insurance, and the state’s Division of Consumer Affairs.
Free credit monitoring has been offered to those whose Social Security numbers were involved. Horizon has stated it will be reviewing staff education, policies, and encryption processes to prevent future incidents. Horizon has faced laptop theft in the past, according to NJ.com’s research. In 2008, 300,000 people were notified of a missing laptop containing personal information. No information misuse was reported. PHIPrivacy.net also reported on the theft.