By Martin H. Bosworth
ConsumerAffairs.com
August 30, 2006
A Washington state mental health care provider, Compass Health, has notified
authorities that a laptop computer containing data on an undisclosed
number of patients was stolen more than a month ago.
According to a media alert issued by Compass Health, the laptop contained information on clients of the clinic and its partners since October 1st, 2005. The information included Social Security numbers, "along with other clinical and demographic information."
The theft occurred June 28. Compass did not say why it waited so long to issue the alert.
Although Compass Health did not specify if the laptop was encrypted or password-protected, it claimed that "the data could only be accessed by a skilled technician." The clinic further claimed that there was no evidence that patient information had been misused.
Compass Health has set up a toll-free 1-800 number to answer questions about the theft, and is notifying all affected persons with information on setting up fraud alerts on their credit reports.
The Everett, Wash.-based mental health care provider offers behavioral health, counseling, and crisis assistance for individuals suffering from mental illness and their families.
The Compass Health incident is the latest in the never-ending series of thefts and disappearances of computers and equipment that contain sensitive identifying information such as names, addresses, Social Security numbers, and medical or financial records.
Medical and health care providers have not been exempt from the epidemic. Oregon-based Providence Health Care reported the theft of a laptop containing data on 365,000 patients in February.
The Veterans' Administration (VA) holds the record for biggest data breach, with the loss and recovery of a laptop containing data on 26.5 million veterans, stolen from the home of a data analyst in Maryland. Two teens were charged with the theft, and the breach has led to numerous calls for improving government data security.
Not long after that, VA contractor Unisys suffered the theft of a desktop computer containing the medical and financial information of thousands of veterans from its main office. Unisys had been contracted to help the VA process insurance claims for military personnel.
