A limited amount of patients' personal information may have been exposed when Framingham, Mass.-based Charles River Medical Associates discovered an unencrypted, portable hard drive was missing from its bone density testing workstation in November 2017, a hospital spokesman confirmed to Becker's Hospital Review.
After conducting an extensive investigation, CRMA officials could not locate the hard drive and cannot determine whether the information stored on it has been compromised.
The hard drive was used to perform monthly backups of the workstation and may have included names, dates of birth, CRMA patient identification numbers and bone density scan images. No financial information or Social Security numbers were stored on the hard drive.
CRMA recommends individuals take precautionary steps to guard against any potential consequence of the incident. It is offering potentially affected patients one year of free credit monitoring from one of the three major companies: Experian, TransUnion or Equifax.
"If any suspicious activity is suspected or has occurred with any of an individual's accounts, please report such activity to CRMA and an appropriate legal authority," CRMA wrote in a press release provided to Becker's Hospital Review.
"CRMA understands that this unfortunate event may pose an inconvenience. CRMA sincerely regrets that this incident occurred," the organization added.
More articles on cybersecurity: