Data for roughly 55,000 patients at Indianapolis-based Cancer Care Group was compromised after a bag with a laptop containing the company's computer server back-up media was stolen from an employee's locked vehicle last month.
The laptop, which was stolen on July 19, according to the Indianapolis Business Journal, contained names, addresses, birth dates and Social Security numbers for patients, as well as medical record numbers and insurance information. It also contained similar information about employees for the group, which boasts more than 20 oncologists.
"There is no evidence to believe that the backup media were the target of the theft or that any of the information on the media has been accessed or used for fraudulent purposes," spokesman Clyde Lee said, noted TheIndyChannel.com. According to EHR Intelligence, Lee added that the group is in the middle of encrypting all mobile media and updating policies and procedures regarding data safety.
"Some of these steps already were underway at the time this incident occurred," Lee said.
The breach is the latest in a long line of data breaches that have occurred this year. In a similar situation, for instance, Lake Forest, Calif.-based Apria Healthcare announced earlier this month that a laptop stolen from the locked vehicle of an employee contained personal and protected health information for roughly 11,000 patients.
The University of Texas M.D. Anderson Cancer Center, meanwhile, has been the victim of two data breaches this year: The first took place at the end of April when data for more than 30,000 patients was compromised after a laptop was stolen from a faculty member's home; the second took place in July, when a medical student trainee riding on an employee shuttle bus lost an unencrypted portable hard drive containing information for 2,200 patients.
Earlier this year, a laptop containing personal information for more than 2,100 patients at Boston Children's Hospital was lost by an employee attending a conference in Buenos Aires.