Solis Mammography Notifies 500 Patients of PHI Exposure
An unencrypted laptop computer has been stolen from Ben-Ora, Hansen, Vanesian Imaging Ltd., dba Solis Mammography.
Solis Mammography learned on October 17, 2018 that the laptop had been stolen from its Phoenix, AZ clinic and reported the theft to law enforcement. To date the device has not been recovered. Attempts were made to reconstruct the data stored assisted by a leading computer forensics firm.
While the investigation confirmed that some patients’ protected health information had been downloaded to the device, it was not possible to ascertain the exact information that had been exposed.
Solis Mammography believes information such as patients names, birth dates, health insurance information, lab test results, medical images, and other information could have been stored on the device and have potentially been accessed by the individual in possession of the computer. Solis Mammography does not believe any financial information was downloaded onto the laptop.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Solis Mammography has taken steps to further secure patient information including strengthening access controls and reviewing and updating policies and procedures concerning the secure disposal of patient information.
No reports have been received to suggest any information stored on the device has been accessed and misused, although patients have been advised to monitor their statements from healthcare providers and insurers for services that have not been received.
Solis Mammography has reported the theft to the Department of Health and Human Services’ Office for Civil Rights on December 16, 2018. The breach report suggests up to 500 patients’ PHI may have been stored on the device.
