Emory University
Stolen Computer Contains Personal Information on 38,000 Emory Cancer Patients
Quick Facts
- Date: 1/2/2007
- Institution: Emory University
- Type of Incident: Theft
- Number Affected: 38,030
- Source: ESI
- Abstract Source: The Atlanta Journal-Constitution (free subscription required)
Abstract
A computer stolen from the offices of Electronic Registry Systems contained information on over 38,000 cancer patients treated at or by Emory University physicians. Information contained on this computer included patient names, address, Social Security numbers, medical data and treatment information going back to 1977 in some cases. Electronic Registry Systems supplies cancer registry data processing services to Emory and other hospitals. According to Emory officials, the medical information on this computer was double-password protected, but there was no mention of any encryption being used. In a letter to affected patients, Emory apologizes for this event and included a fact sheet on how to contact credit agencies and place fraud alerts on credit reports. According to police the theft looked like a typical "smash and grab break-in" and not a theft that specifically would target computers with personal information.
