- In case of strange coincidence, Georgia’s UHS-Pruitt Corporation reported two missing laptops within a two-week period, according to a posting on Georgia Public Notice and a press release from UHS-Pruitt Corporation. As reported on PHIPrivacy.net, both laptops held unencrypted patient data on their hard drives, and were stolen from employee cars.
The first incident, which occurred on September 26, involved information from 1,300 patients at its nursing facilities, including names, dates of birth, Medicare numbers, resident ID numbers, and Social Security numbers. The affected patients were current or former residents of Heritage Healthcare of Ashburn, UniHealth Post-Acute Care Augusta Hills, Heritage Healthcare of Fitzgerald, Heritage Healthcare at Osceola, Palmyra Nursing Home and Sylvester Healthcare. This laptop and the information on it were used to process healthcare service payments for the facilities.
On October 8, a laptop belonging to a UniHealth SOURCE employee was stolen. Less information was available in this instance, limited to names and diagnoses, as it was only used for quality assurance audits. The 4,500 affected patients were current and former patients of UniHealth SOURCE, UniHealth Select, and Blue Ridge Community Based Services.
Both laptops also had access to electronic health records and other computer applications, but were disconnected within hours of the thefts.
Affected patients were notified and advised to examine their credit reports and place fraud alerts on their credit bureau accounts, but were not offered credit monitoring services. In the notice sent out after the first breach, the company announced it would be improving its security and privacy policies, and technical data protection.
PHIPrivacy.net also reported on the breaches.