Premier Healthcare, a physician-led multispecialty provider group based in Bloomington, Indiana, has reported a possible breach that could affect 205,748 patients after a laptop with patient data was stolen, the company announced on Tuesday.
For 1,769 of these people, social security numbers and or financial information could also be accessed from the stolen laptop.
Premier employees discovered that the laptop was missing from the locked and alarmed administrative office of the billing department on January 4.
[Also: 7 largest data breaches of 2015]
Although password-protected, the laptop wasn't encrypted. It contained PDF documents, spreadsheets and screenshots of patient billing issues and contained demographic information like clinical data, date of birth and names.
According to Premier, there's no evidence the information on the laptop was the actual target of the theft or that the data has been used or accessed for fraudulent purposes. Premier said it took immediate steps to investigate and recover the laptop, including notifying patients and filing a police report.
Law enforcement has so far been unable to locate the laptop or identify the perpetrator.
[Like Healthcare IT News on Facebook]
"Premier has taken a number of steps to help keep this from happening in the future," Premier officials said in a statement, noting that the provider group has begun to encrypt all of Premier's computers and are reviewing the institution's protocols to protect against a repeat theft.
"Premier deeply regrets this occurred and is committed to excellent care and protecting the privacy of personal information," officials said, adding that anyone with questions about the breach can call 877-509-8356 or email HIPAA@premierhealthcare.org.