BOSTON (Legal Newsline) - Beth Israel Deaconess Medical Center in Boston will pay $100,000 in penalties and fines after personal information was stolen from approximately 4,000 employees and patients during a security breach, Massachusetts Attorney General Martha Coakley announced on Friday.
The civil judgment stems from the May 2012 theft of a doctor's laptop containing information on 3,796 patients and employees. The laptop was not encrypted.
Although the hospital had not issued the laptop, it contained patient and employee names, medical information and social security numbers. The hospital allegedly didn't inform the affected patients and employees about the security issue until August 2012.
“The health care industry’s increased reliance on technology makes it more important than ever that providers ensure patients’ personal information and protected health information is secure,” Coakley said. “To prevent breaches like this from happening, hospitals must put in place and enforce reasonable technological and physical security measures.”
The hospital plans to take measures to track all personal devices, such as laptops, that could be used for patient information and encrypt these devices. It also plans to train their employees on better procedures.