John Muir Health warns patients about security breach

April 5, 2010 12:00:00 AM PDT
More than 5,400 patients of John Muir Health in Walnut Creek are being warned that there may have been a breach of their confidential medical and personal information after two laptops were stolen. With everyone on computers these days, it is a reminder that we are all vulnerable.

"There may be some risk," says John Muir Vice President Hala Helm.

Helm says patient information and perhaps credit data may have been on two stolen laptops. The computers were taken from a building in Walnut Creek.

Investigators say someone jimmied open a stairwell door on the first floor, made their way up to the third floor, and then broke into the ultra sound room. There were five laptops in there and the thieves took two of them.

It took John Muir computer programmers more than a month to determine whose names were on the laptops and then they were notified.

"We don't believe that the risk is great based on the fact that the laptops were password protected and the data was in a format that wouldn't be easily accessible," says Helm.

Even though there have been no victims yet, computer expert Larry Magid says they're not out of the woods. He calls password protection like putting a lock on a door. It can be easily compromised.

"A password is simply a word that can often be guessed. Encryption requires a very sophisticated computer to decrypt. Encryption is very difficult to break through," says Magid.

The system is now encrypted and all of the laptops are locked down. Walnut Creek police have suspended the investigation. John Muir is still searching, checking sites like Craigslist for the laptops and they are reassuring patients.

"We're working with Equifax, one of the credit monitoring companies, to give the patients free credit monitoring for a year," says Helm.


Load Comments