In what’s become an all-too-frequent occurrence, thousands of UCSF medical school patients have been notified that their personal data was compromised after someone swiped a laptop from an employee late last year. eSecurity Planet breaks down exactly what information was exposed and what the university is doing to help those affected.
Officials at the University of California, San Francisco medical school are in the process of notifying 4,310 patients that some of their personal information may have been exposed after a laptop was stolen from an employee in late November.
The information included patients’ names, medical record numbers, ages and clinical information, according to a UCSF statement.
“A review conducted by UCSF Enterprise Information Security determined that the files contained limited data for some UCSF patients relating to their treatment at UCSF Medical Center in 2008 and 2009,” according to the statement. “It also was determined that the employee had uploaded some files from a prior employer, Beth Israel Deaconess Medical Center in Boston, and these files contained some BIDMC patient data.”
Officials said the UCSF police department began an investigation Dec. 1, and the laptop was recovered in Southern California on Jan. 8.