25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Flash Drive Theft Exposes PHI of 2700 Oneida Health Center Dental Clinic Patients

Posted By on Apr 22, 2016

An unencrypted flash drive containing the protected health information of 2,700 patients of the Oneida Health Center Dental Clinic has been discovered to be missing. The portable storage device is believed to have been stolen internally and an investigation into the theft is still being conducted by the dental clinic. Local law enforcement was also notified and an investigation was conducted, although the flash drive has not been recovered.

The drive was stolen from the Oneida Health Center on the Oneida Reservation at 525 Airport Drive on February 17, 2016. The device contained a limited amount of patient data including patient names, patient identification numbers, and dental insurance identification numbers.

Patients affected by the breach had visited the dental clinic between February 2, 2015 and February 17, 2016. No Social Security numbers, dates of birth, or financial information were stored on the device. Patients have now been notified of the breach by mail in accordance with Health Insurance Portability and Accountability Act Rules.

Oneida Health Center has no reason to believe the data stored on the device have been used inappropriately or disclosed to any individuals other than the person who took the device. Since there is a risk that the dental insurance number could be misused patients have been advised to contact their insurance company and explain that their ID number has potentially been compromised. Patients have also been told of the importance of protecting personal information and to be wary of any requests to disclose any of their personal information.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

To reduce the risk of future breaches of PHI, Oneida Health Center Dental Clinic will be implementing new administrative policies and procedures concerning the use of portable storage devices. To reduce the risk of further PHI exposures, additional technical safeguards will be used to protect data stored on flash drives and other portable storage devices.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist