Analecta Cyber Company Blog: 238 Medical Records Stolen from Employee Vehicle

2016-10-14

238 Medical Records Stolen from Employee Vehicle


About 238 medical records of the Children’s Mercy Hospital in Kansas City, MO were stolen from a locked employee vehicle. The incident occurred on August 4 but families only found out almost one month after it happened.

According to a KTTN news report, the stolen medical records contained limited information. Fortunately the paperwork did not include any financial information, addresses and social security numbers. However, there are still some risks for those affected since those data could lead to other vital information. In some cases, it could be used to fill false prescription or worse extortion.

As posted by KTTN news, the hospital will notify the affected individuals once they will able to identify and verify the content of the stolen records. The Children’s Mercy Hospital have expressed their apologies and ensure the families that they are working to resolve the situation. Affected families are offered an identity protection services.

CA Medical Center - Car Break-in

In another healthcare news, more than 700 patients of the Los Angeles County – USC Medical Center (LAC + USC) are being notified after critical information was potentially exposed when the files were stolen from an employee’s car on 8th of July 2016. Exposed information include patients that were treated between May 10th and July 26th.

According to a statement issued by LAC+USC, the information contained names, dates of birth, gender, telephone numbers, medical record numbers, dates and times of schedule appointments. Social Security numbers and financial information were not included in the records stolen.

Currently, the medical center is a conducting assessment on its privacy and security procedures and to re-evaluate their practices as needed based on the discovery to avoid similar incidents in the future.

Moreover, the Department of Health Services and the LAC+USC Medical Center cannot verify yet if the affected information have been used unlawfully.