Jacksonville, Fla.-based Baptist Medical Center South notified patients about a privacy breach June 30 after learning a backup hard drive went missing in May, the hospital told Becker's.
Baptist South officials discovered the hard drive, which was used for electroencephalogram testing, had gone missing May 18. The hospital immediately began an investigation, however, officials are unsure whether the hard drive was taken, borrowed or accidentally discarded. The incident affected 531 patients, according to HHS' Office for Civil Rights' breach portal.
The device contained limited protected health information — including names, birth dates, medical record numbers, physicians' orders, diagnoses, reasons for study and EEG images — from patients who received testing in 2015, 2016 and 2017. The drive did not include Social Security numbers or financial information, the hospital confirmed to Becker's.
Hospital officials said special software is required to read information on the hard drive. They do not have any indication information on the hard drive has been accessed or misused.
More articles on health IT:
'CopyCat' malware infects 14M Android phones in 2016
UC Davis Health notifies 15k patients after employee email breach