Healthcare and Public Health // South Carolina, United States
Self Regional Healthcare in South Carolina disclosed on July 23 that two people broke into one of its facilities over Memorial Day weekend and took a laptop belonging to the company. The hospital discovered the breach on May 27.
Both intruders were arrested on June 10 and claim they never accessed the computer. The thief who stole it said he destroyed and disposed of the laptop in Lake Thurmond. The police sent divers in twice, but haven’t been able to find the machine.
SRH President and CEO Jim Pfeiffer said in a statement: “Because we do not have the laptop in our possession, Self Regional must assume there is a possibility that someone may have accessed certain patients' protected health information.”
The computer was password protected but not encrypted.
The protected health information that could have been accessed includes patients' names, Social Security numbers, driver's license numbers, treating physician names, insurance policy numbers, patient account numbers, service dates, diagnosis/procedure information, payment card information, financial account information, and possibly their addresses.
“Executives said the perpetrators were not likely cyber thieves or hackers,” the Index-Journal reports.
The robbery occurred at SRH’s Support Services Center. “The center serves as the hub of Self Regional’s administrative services, housing more than 15 departments under one roof,” according to the newspaper.
Video surveillance showed the thieves as they left the building and fled the scene on bicycles.
“One of the suspects was toting the computer over his shoulder in a carrying case,” the Index-Journal reports. “Hospital officials said the thieves swiped the computer, which was stationed at a work terminal in one of the accounting departments, sometime between 5 and 6 p.m.”