Fairview and North Memorial Hospitals are notifying more than 16,000 patients that a laptop containing their personal and medical information was stolen.
The laptop belonged to a healthcare services firm that coordinates services for Fairview. The theft occurred on July 25 in the parking lot of a Minneapolis restaurant.
The computer contained the names of 14,000 Fairview patients along with their addresses, dates of birth, some diagnostic information and social security numbers. Approximately 2,800 North Memorial patients were also affected, but the information on the laptop didn't include their social security numbers or home addresses.
Fairview's director of privacy Lois Dahl says her organization requires its vendors to put encryption software on laptops. But the software wasn't installed on the stolen computer.
"The laptop should have been encrypted which would render the information on the laptop unreadable," Dahl said. "But there was a process breakdown and human error caused that encryption process not to be on that computer."
Both hospital systems say there is no evidence that any patient information has been accessed or misused.
The laptop belonged to an employee of Accretive Health. The vendor has agreed to pay for identity theft protection and fraud monitoring to all patients involved in the incident.
Earlier this year Fairview reported another potential breach in patient data after a box containing information on 1,200 patients went missing during an office relocation.
Fairview's chief clinical integration officer Dr. Mark Werner said privacy breach will not stop Fairview from exchanging patient information with Accretive Health.
"The sharing of health information is a challenge that we all face. But at the same time we need to continue to grow our capabilities of taking care of our community and our population of patients better and better," Werner said. "And having committed strategic partners like Accretive I think is appropriate and part of that effort."