2,553 Eye Care Surgery Center Patients’ PHI Potentially Exposed

Eye Care Surgery Center, Inc, which is located in Baton Rouge, LA, discovered on February 26, 2018 that one of its laptop computers had been stolen. The laptop computer contains the protected health information (PHI) of 2,553 patients which may be potentially compromised.

The Center doesn’t exactly know where or how the device was stolen but because of the incident, a new multi-camera system was installed in its facilities – inside and outside the center’s buildings. Eye Care Surgery Center also decided to implement encryption on most of the portable electronic devices especially those that contain PHI. Encryption will help prevent the exposure of PHI in case other portable electronic devices get stolen or lost.

Eye Care Surgery Center had the incident investigated to find out the types of data that the stolen device contained. It was found that there was no highly sensitive information like Social Security numbers, financial data or health insurance information contained in the device that could impact the patients. Breached information only included names, dates of birth and patient diagnosis information. There were no reports received yet that would indicate the thief or hacker misused of any of the information contained in the laptop computer.

Eye Care Surgery Center already notified all the affected patients about the breach by mail. The Department of Health and Human Services’ Office for Civil Rights also received the breach notification report concerning the incident.