Speare Memorial Hospital, of Plymouth, N.H., has sent notification letters to nearly 6,000 patients that their protected health information (PHI) may have been breached following the theft of a laptop, according to a notice on the hospital’s website.
The laptop was stolen from an employee’s car on April 3, the notice stated. Although the computer was password-protected, “that does not afford complete protection from unauthorized access,” the release said.
The PHI contained on the computer included patient names and, in some cases, patient addresses, hospital account numbers, medical record numbers, physician names, dates of service, procedure codes and diagnosis codes, according to the hospital.
“Upon learning of this incident the day after [the theft], we immediately undertook a process to identify the extent of information on the computer, and have sent a letter of notification to the patients affected by this potential breach,” the hospital stated. Speare also has engaged experts to identify additional safeguards above its current security measures, and a police report has been filed, the hospital stated.
The hospital will monitor for any indication of misuse of patient information, according to the notice, and recommended that patients review their future hospital account statements closely.