Western Health Screening has reported the theft of a password-protected jump drive with the names, addresses, phone numbers and in some instances, Social Security numbers of health fair participants. WHS provided onsite blood screenings at the health fairs sponsored by Delta County Memorial Hospital, Montrose Memorial Hospital and Gunnison Valley Health.
The jump drive does not contain any medical information such as blood test results, nor does it contain any financial information such as credit card numbers or other source of payment information. To date, WHS has no evidence that any participants' information was accessed by unauthorized persons or that any participants' personal information has been misused.
Patti Kalahar, manager, marketing and education for Delta County Memorial Hospital, said the hospital has not been contacted by anyone whose information has been accessed.
"WHS has no reason to believe that any personal information was accessed or used inappropriately, and we believe that the likelihood of such misuse is extremely low," chief executive officer Marge Hall said in a press release issued last week. "Nonetheless, out of an abundance of caution WHS is providing public notice of this incident, in addition to individualized notice to all participants, in order that participants may take steps to protect their information and credit generally."
The jump drive belonging to WHS was in a vehicle stolen in Salt Lake City, Utah, while en route to a health fair. WHS learned of the theft on Feb. 7, but determined the jump drive was unencrypted on Feb. 15.
The theft was immediately reported to the Salt Lake City Police Department. WHS also conducted its own internal investigation and determined that the jump drive contained demographic information collected from 2008-2012.
WHS began mailing letters to affected individuals on April 14 and has established a dedicated call center to answer any questions. For additional information about this incident, please visit the WHS website at http://whs.cc/hipaa/.