Solis Mammography, also known as Ben-Ora, Hansen, Vanesian Imaging Ltd, announced that an unencrypted laptop computer was stolen from its Phoenix, Arizona clinic.
Solis Mammography knew about the theft on October 17, 2018 and reported it to law enforcement. Up to now, the device was not retrieved yet. Solis Mammography made attempts to rebuild the information that was contained in the laptop with the assistance of a prominent computer forensics company.
Although the investigation verified that the protected health information (PHI) of some patients were downloaded to the laptop, the investigators cannot ascertain which exact information were compromised.
Solis Mammography believes that the person who has the computer may have potentially accessed the stored information on it. The names of patients, dates of birth, health insurance details, laboratory test results, medical photos, and other data were likely stored on the device. No financial information was stored on the laptop, according to Solis Mammography.
Safety measures had been implemented to further protect patient data such as strengthening passwords and access controls; reviewing policies and procedures regarding the safe disposal of patient data and updating them as needed.
There was no report received that suggest the misuse or access of any information contained on the device. But the patients were advised to keep track of their transactions from healthcare companies and insurance providers for services that they have not received.
On December 16, 2018, Solis Mammography already reported the data breach to the Department of Health and Human Services’ Office for Civil Rights. The breach report indicated that the PHI of around 500 patients might have been compromised because of the stolen device.