New York, NY – New York’s Lincoln Medical and Mental Health Center is notifying patients that their personal information may have been compromised after seven CDs full of unencrypted data were FedExed by a hospital contractor and then lost in transit.
Join our WhatsApp groupSubscribe to our Daily Roundup Email
The CDs were sent by the hospital’s billing processor, Siemens Medical Solutions USA, around March 16, but never arrived at their intended destination. They included sensitive health and personal information including Social Security numbers, addresses, dates of birth, health plan numbers, driver’s license numbers and even descriptions of medical procedures, the hospital said on a note posted to its Web site.
The breach affects 130,495 patients, according to a notification posted by the U.S. Department of Health and Human Services.
“FedEx has suggested that the CDs likely became separated from their shipping envelope at one of its facilities, were swept up and destroyed,” the hospital said in a letter sent to victims, dated June 4.
The CD was password-protected but unencrypted, the letter states.
Companies have begun taking better care of their customers’ data in recent years, as they’ve had to foot multimillion-dollar bills following similar incidents. According to the Ponemon Institute, a security research firm, the average U.S. data breach costs companies more than US$200 per record.
Siemens is no longer FedExing CDs to Lincoln, the hospital said. It is not aware of any of the data being improperly accessed.
Uh oh! I’ll never get a job nww
Do they still have the paper records??
Not a big concern for the patients. Its so easy to steal this kind of data electronically from the insurance processing companies (whose systems are incredibly open to hacking) that a determined fraud artist wouldn’t waste his time with old fashioned CDs.
Are they crazy?????
Lots of shidduchim can now be checked out
of all the miliion of FedEx packages shipments, only this one had to be messed up..
im very concerned…