25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Renown Health Discovers PHI was Stored on Lost Thumb Drive

Posted By on Aug 14, 2019

Renown Health, the largest healthcare provider in Northern Nevada, has started notifying certain patients that some of their protected health information (PHI) may have been compromised.

Patient information was present in files on a portable storage device (thumb drive) discovered to be missing on June 30, 2019. An extensive search of the facility was conducted but the thumb drive could not be located.

An investigation was conducted to determine what files had been saved to the device and which patients had their PHI exposed.

Files on the storage device related to patients who had received inpatient services at Renown South Meadows Medical Center between January 1, 2012 and June 14, 2019. The types of information in the files included names, diagnoses, medical record numbers, clinical information, admission dates, and physicians’ names.  No Social Security numbers or financial information were stored on the device.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Patients have been advised to exercise caution and monitor their accounts and explanation of benefits statements for any signs of fraudulent activity. Renown Health will be reviewing its policies covering the use of portable devices such as thumb drives and will be reeducating its workforce on safeguarding patient information.

The data breach has not yet appeared on the Department of Health and Human Services’ Office for Civil Rights’ breach portal, so it is unclear how many patients have been affected.

This is the second data breach of this nature to be reported in the past few days. The New York Fire Department also reported a breach involving the loss of a portable electronic device containing the ePHI of patients. Around 10,000 EMS patients were impacted by the breach.

These incidents highlight the importance of implementing encryption on all portable electronic devices used to store ePHI. In the event of device loss or theft, ePHI cannot be accessed by unauthorized individuals and a data breach will be prevented.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist