Home page logo

dataloss logo Data Loss mailing list archives

From: Erica Absetz <erica () riskbasedsecurity com>
Date: Mon, 25 Mar 2013 10:58:04 -0400


This notice is to inform University of Mississippi Medical Center
patients of a recent breach of patient health and personal

Federal and state laws require health-care institutions to notify
patients potentially affected by such incidents. In this case, due to
insufficient contact information for those who may be affected,
individual notifications are not possible.

On Jan. 22, UMMC officials were notified that a password-protected
laptop was missing. The laptop was a shared device, used by UMMC
clinicians working in a non-public, patient-care area.

The laptop may have contained health and personal information of adult
patients seen at UMMC between 2008 and January 2013. The information
potentially included names, addresses, dates of birth, Social Security
Numbers, diagnoses, medications, treatments and other clinical

On learning the laptop was missing, UMMC officials took action to
secure the information. Despite efforts to locate the laptop, it has
not yet been recovered.

UMMC administrators believe it is unlikely the information on this
computer has actually been viewed, accessed, used or disclosed.

UMMC has received no notifications from current or former patients
regarding any unauthorized use of protected health or personal
information pertaining to this breach.

If you are or were a UMMC patient between 2008 and January 2013, and
you believe you may be affected, or if you have general questions
about this occurrence, you can contact UMMC by one or more of the
methods below.

UMMC Office of Integrity and Compliance representatives will do all
they can to assist you in working through this process.

Call: 1-855-241-2575, select option 6
Email to: HIPAAPRIVACY () umc edu ; or
Write to: University of Mississippi Medical Center, 2500 N State
Street,  Attn: Office of Integrity and Compliance, Jackson, MS 39216
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list


Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]