Nearly 5,000 patients affected
The California-based Sutter Health is notifying nearly 5,000 patients that their personally identifiable information has been stolen after local law enforcement officials discovered a list of patient data during an unrelated criminal investigation.
The list of patient information was discovered during a drug related investigation in Oakland, Calif., KTVU reports.
Patient names, Social Security numbers, dates of birth, addresses, names of employer, work numbers and marital statuses were compromised.
Sutter Health system officials say the breach could involve patients from Sutter Health's Oakland-based Alta Bates Summit Medical Center; Antioch, Calif.-based Delta Medical Center or Eden Medical Center in Castro Valley.
"We are concerned about this matter and take protecting our patients’ privacy very seriously. At this time we do not know how the information was obtained," a notice read on the Sutter Health website.
Sutter Health is no stranger to healthcare data breaches. Back in 2011, nearly one million Sutter Health patients had their protected health information compromised after the theft of an unencrypted company desktop computer, making the breach one of the biggest HIPAA breaches in the United States. In its aftermath, Sutter Health is still facing up to $4.25 billion in class action lawsuits.
Also reported by HHS in 2011, Sutter Gould Medical Foundation lost the paper medical records for 1,200 patients.