• patient and physician information was stolen from the Greensboro Gynecology Associates (the "doctor's office"), including:
• Social Security numbers;
• addresses;
• employers;
• insurance companies and policy numbers; and
• family members.

Relevance to Business Activities:

• security - physical and technical safeguards considerations:
• a backup data tape for the computer database belonging to the doctor's office:
• was stolen from an employee taking the tape to an off-site storage facility for safekeeping; and
• contained unencrypted personal information, but not treatment or medical data.
• computer security experts consulted by the doctor's office said:
• the data is unlikely to be accessed because of:
• the program used and the language the information is written in.

• breach response considerations:
• the doctor's office:
• sent letters to past and present patients:
• notifying them that the data tape was stolen; and
• recommending that patients monitor credit accounts and financial information on a regular basis, to:
• determine if they become a victim of identity theft.
• reported the matter to the police, however:
• the police said they have no such report on file.
• is investigating the matter; and
• is consulting with computer security experts to prevent similar thefts in the future.

Source Document:

http://www.news-record.com/content/2008/07/16/article/security_breach_affects_patients