3,780 patients’ details are said to have been stolen from an unencrypted desktop computer during a break-in at Temple University, Philadelphia. The breach was announced in the local newspaper, Philly.com. Details included patient name, age billing codes, and, in some cases, the name of the referring physician.
Temple has offered identity-monitoring services within the US to all affected patients for 12 months and said that it has now taken steps to prevent such a theft in the future.
All health care plans, health care clearinghouses, and health care providers that electronically transmit medical information are termed ‘covered entities’ and must adhere to the Health Insurance Portability and Accountability Act (HIPAA), which is a federal law that helps protect the confidentiality and security of healthcare information.
If a covered entity has violated health information privacy rights or has committed another violation of the Privacy, Security, or Breach Notification Rules, they may face fines or imprisonment.