Computer with patient info stolen from Stanford

Medical and personal information for 2,500 patients may be at risk

A computer containing medical and personal information for approximately 2,500 patients was stolen from a Stanford faculty member's locked office sometime between July 15 and 16, according to Stanford University Medical Center.

The computer, which may also have held some patient social security numbers, was outfitted with software that would detect when and where the computer connected to the Internet. No detection has occurred yet.

No one's complete medical records or health history were stored in the computer.

Stanford Medical Center is sending letters to those whose information may have been on the computer; individuals who do not receive a letter are not affected.

"We take this incident extremely seriously," Lisa Lapin, Assistant Vice President of University Communications, stated in a news release. "The School of Medicine and Stanford Hospital & Clinics are working with law enforcement to recover the stolen computer and to identify the responsible party. We have also further tightened security and are reviewing enhanced security measures."

Stanford has established a help line to answer any questions. Patients can call toll-free: (855) 731-6016 Monday through Friday from 6 a.m. to 6 p.m. PST. In addition, individuals are being offered the option of free identity protection services.


Like this comment
Posted by encrypted?
a resident of Adobe-Meadow
on Aug 3, 2012 at 10:14 am

Was the data encrypted or easily readable by crooks?
Why did they wait 3 weeks to contact the victims?

Like this comment
Posted by Dan
a resident of Southgate
on Aug 3, 2012 at 12:11 pm

"The computer, ...was outfitted with software that would detect when and where the computer connected to the Internet. No detection has occurred yet."

Perhaps this should have been left out of the article.

Like this comment
Posted by *c
a resident of Stanford
on Aug 3, 2012 at 2:02 pm

Your private data isn't safe at Stanford Medical Center. These breaches have occurred with shocking frequency. The New York Times reported last September that medical records from the Emergency Department were posted on the Internet for over a year. The names of patients and their diagnoses were out there for the public to see. I don't know how many laptops have disappeared in the past few years, but this isn't an isolated incident. Too many people here are walking around with too much unencrypted data.

Like this comment
Posted by Bob
a resident of Community Center
on Aug 3, 2012 at 2:05 pm

And how many times did this happen? Not the first. A big debacle re: records of ER patients in March, 2009. and there was some other incident at Stanford also. "Victims"were given 'complimentary insurance policies'. The PA Clinic had to do it also for another incident when a huge amount of patient data was stolen, and that allegedly happened in Sacramento -when billing was outsourced there. WHY WAS THIS DATA IN A FACULTY MEMBER'S OFFICE??

Like this comment
Posted by unsettled
a resident of Another Palo Alto neighborhood
on Aug 4, 2012 at 12:07 am

When I filled out our information for the coming school year on the PAUSD computers, the information we put in last year was missing, and in its place was a two word name that could not have been put in there by us. Other information was simply missing. I assumed it was the kind of snafu we've been dealing with since day one -- the first year we had to fill out our information twice -- but then realized there had to be a security breach if additional information were inserted in our files. I called to express my concerns, and the person in charge of security for the district basically told me it didn't happen and couldn't have happened, and that there was no security breach.

This Stanford incident is just the one you hear about because something physically was stolen.

What are the laws applying to the responsibility of the university, the doctor, the schools, anyone, to safeguard our information?

Like this comment
Posted by responsible healthcare providers?
a resident of Another Palo Alto neighborhood
on Aug 5, 2012 at 5:19 pm

Wow, sounds like irresponsible healthcare providers. Have they determined the accuracy of this report -- the office was locked, and so on? This is an appropriate occasion for our lawmakers to do something meaningful - enact laws, provisions requiring high quality security for our valuable private data we have to fork over to these folks. Enact clear penalties for inattention, lack of care with such data.

Like this comment
Posted by moi
a resident of Another Palo Alto neighborhood
on Aug 5, 2012 at 7:19 pm

Computer was stolen sometime between July 15 and 16?

That would be July 15-and-a-half?

Like this comment
Posted by Common sense
a resident of Duveneck/St. Francis
on Aug 6, 2012 at 12:49 pm

The law could be simple: no patient data stored on laptops.

I can't remember a time when I heard of a desktop being stolen.

Like this comment
Posted by Not Surprised
a resident of Fairmeadow
on Aug 8, 2012 at 2:12 pm

Is anybody surprised? The Hubris at the medical center is epic. This is not the first time. Years back they left every staff members Social Security numbers open to anybody on their website. Also because it was an MD nothing will come of this lapse.

Sorry, but further commenting on this topic has been closed.

Orenchi Ramen expands to Redwood City
By Elena Kadvany | 0 comments | 5,915 views

Family Matters: Caring for the Dying, and Their Loved Ones
By Aldis Petriceks | 2 comments | 1,337 views

Couples: The ABCs of Love
By Chandrama Anderson | 0 comments | 665 views

A birthday for the siblings
By Cheryl Bac | 0 comments | 269 views