[BreachExchange] Sharp Healthcare Suspects Theft of Hundreds of Patients’ Health Information

Audrey McNeil audrey at riskbasedsecurity.com
Tue Mar 7 19:41:16 EST 2017 

http://www.nbcsandiego.com/news/local/Sharp-Healthcare-
Suspects-Theft-of-Hundreds-of-Patients-Health-Information-415406963.html

Sharp HealthCare discovered a suspected theft of a computer and memory
device containing the protected health information (PHI) of 757
outpatients, according to a statement by Sharp.

The devices were discovered missing from a locked cabinet in an
access-controlled area at Sharp Memorial Outpatient Pavilion on Health
Center Drive the morning of Feb. 16.

Sharp notified the San Diego Police Department, and both organizations are
actively searching for the missing devices. So far, investigations have led
Sharp to believe both devices were stolen, according to Sharp.

The devices held patient wellness information for outpatients in blood
and/or cardiac health studies. Each study may have recorded information on
names, dates of birth, ages, medications and family histories of those
patients.

Affected patients have been notified of the situation, as have the
California Department of Public health and the Office for Civil Rights,
Sharp said.

“It was not any social security or financial information that was taken,
which is what identity thieves would need in order to access that kind of
information,” said Sharp Representative John Cihomsky.

Cihomsky said Sharp is unable to state how the theft occurred or what new
security measures are being taken in an effort to not tip their hand in the
ongoing investigation, but they hope to have the suspect or missing devices
found as soon as possible.

Sharp said it plans to review current safeguards and implement new ones to
keep the incident from happening again, and patients with questions related
to the incident can call 1-800-263-0217 <(800)%20263-0217>.

Sharp put out a statement that read in part:

“Sharp apologizes for any inconvenience this situation may cause our
patients, and we are conducting a review of our security practices and
moving forward with additional safeguards to prevent this incident from
occurring again.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170307/e1321306/attachment.html>

More information about the BreachExchange mailing list