NEW YORK—Personal data for more than 130,000 Lincoln Medical and Mental Health Center patients may have been compromised after several CDs full of unencrypted data was lost in transit by FedEx.
The hospital’s billing processor, Siemens Medical Solutions USA, sent seven CDs to Lincoln around March 16 via FedEx; however, the information never arrived at the hospital, according to Bloomsberg Businessweek. The disks contained personal information such as Social Security numbers, addresses, dates of birth, health plan numbers, driver’s license numbers and descriptions of medical procedures.
The password-protected but unencrypted CDs contained information of 130,495 patients. It is unclear whether any of the data has been improperly accessed.
For its part, FedEx believes that the CDs were separated from their shipping envelope at one of its facilities and were destroyed.
Siemens no longer uses FedEx to send disks containing personal data to the hospital.
For additional information, click here.