Unencrypted drive with 7 years of patient data stolen from Denton Heart Group

The backup drive contained a trove of EHR data, including Social Security numbers and insurance policy details.
By Jessica Davis
11:49 AM

An unencrypted hard drive that contained 7 years of backup electronic health record data was stolen from the Denton Health Group, a member of the HealthTexas Provider Network.

The backup files contained a hoard of patient data from 2009 until 2016: names, Social Security numbers, dates of birth, addresses, phone numbers, driver's license numbers, medical record numbers, insurance provider and policy details, physician names, clinic account numbers, medical history, medications, lab results and other clinical data.

The device was stored in a locked closet before officials believe it was stolen on or around December 29, 2016. However, the medical group didn't discover the theft until Jan. 11.

[Also: Michigan cancer center notifies 22,000 patients of breach 5 months after hack]

All patients affected by the breach will receive one year of free credit monitoring and identity theft protection services, officials said. Denton Health mailed notifications to its patients on March 10 and set up a dedicated call center to answer questions.

"Necessary corrective actions have been taken to safeguard against similar incidents in the future, and we are taking steps to re-evaluate the security of computer devices within our clinics to further protect our patient's information," officials said in a statement.

The incident serves as a reminder of the importance of encryption. A 2017 Thales Data Threat Report for the Healthcare Industry released in February found that only 65 percent of healthcare organizations encrypt cloud data, while a 2016 Sophos report found 20 percent of organizations aren't using encryption at all.

And in February, OCR fined Children's Medical Center of Dallas $3.2 million for breaches due to lack of encryption.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.