Premier Healthcare, a multi-specialty group located in Bloomington, Illinois, announced in early March that an unencrypted laptop has been missing from its billing department since early January and started notifying affected patients of the data breach pursuant to state and federal law. The unencrypted laptop contained the personal information of 205,748 patients, including the Social Security numbers and financial information of over 1,700 patients.
In a strange twist of events, right after Premier started notifying patients of the data breach, the laptop was returned to Premier and just showed up in the mail. I am thinking there was no return address label on the envelope.
According to Premier, forensic tests were performed which showed that the laptop had not been turned on or accessed since it went missing, and therefore, the incident was not really a data breach.
The lesson learned? The importance of encrypting all laptops—even if they are located in a locked administrative building.