This incident has 0 proposed changes. Know of details that have changed? Submit them Showing Incident 3660

SUMMARY

5,994 patients' names, addresses, hospital account numbers, medical record numbers, diagnostic codes and treatment codes on laptop stolen from employee vehicle
Records	5,994
Record Types	NAA MISC MED ACC
Breach Type	Stolen Laptop
Data Family	Electronic
Source	Outside
Organization	Speare Memorial Hospital
Other Affected/Involved Organizations	None
Lawsuit?	NO/UNKNOWN
Data Recovered?	NO/UNKNOWN
Arrest?	NO/UNKNOWN
Submitted By:	Dissent

TIMELINE

Date	Event
2011-04-03	Incident Occurred
New Timeline Item For Incident Occurred Date Reference URL Spam Check: Are you human?
2011-04-04	Incident Discovered By Organization
New Timeline Item For Incident Discovered By Organization Date Reference URL Spam Check: Are you human?
2011-05-03	Organization Reports Incident
New Timeline Item For Organization Reports Incident Date Reference URL Spam Check: Are you human?
None. Add Data	Organization Mails Notifications
New Timeline Item For Organization Mails Notifications Date Reference URL Spam Check: Are you human?
None. Add Data	Records Recovered
New Timeline Item For Records Recovered Date Reference URL Spam Check: Are you human?
None. Add Data	Lawsuit Filed
New Timeline Item For Lawsuit Filed Date Reference URL Spam Check: Are you human?
None. Add Data	Arrest Made
New Timeline Item For Arrest Made Date Reference URL Spam Check: Are you human?

SIMILAR INCIDENTS

records	date	organizations
5,000	2006-06-30	Washington Regional Medical Center
8,000	2006-08-29	Compass Health
9,000	2006-09-24	Nagasaki University Hospital of Medicine and Dentistry
7,800	2007-02-19	Seton Family of Hospitals

MAP OF INCIDENT LOCATION

Address: Boston, MA, USA
Have a better address for this incident? Suggest it!

suggest a new reference

REFERENCES

suggest a new attachment

ATTACHMENTS

COSTS SUMMARY

Known Actual Costs

No known costs for this incident.

Estimated Costs

Ponemon Institute Direct Costs Estimate ¹

$359,640.00

Note that these estimates are based on the Ponemon Institute's 2009 direct costs figures from their 2009 Annual Study: Cost of a Data Breach. We multiply $60.00 by the number of records to obtain this figure. Keep in mind that depending on the breach, the direct costs are not always suffered by the breached organizations. In the case of credit card number breaches, the direct costs can often be suffered by banks and card issuers. Also note that this is only an estimate.

COMMENTS

by Anonymous on 2011-06-02 (12 months ago)

Ponemon shows a per record cost of $282.00 for the healthcare industry. Why are you using a $60.00 per record cost?

by jkouns [Master Researcher] on 2011-06-03 (12 months ago)

As you know, there are debates as to what the correct estimates per record. We tried to pick a number from the 2009 report that would apply to all incidents in DataLossDB and was tied to actual direct costs. Thanks for the reminder as we should update this to $73 dollars of direct cost per record from the 2010 report.

by Anonymous on 2011-06-22 (11 months ago)

Actually Ponemon says $214 per record across all verticals.

by Anonymous on 2011-07-06 (11 months ago)

That $214. per record is an industry average and Healthcare was the highest for all industry sectors at $282. per record for that year. I would think it would be more meaningful to list overall costs vs. initial direct costs since Ponemon is capturing the higher figures based on all factors and what it has actually cost organizations listed in their studies.

Incidents:

Data Types:

Sectors:

Sources:

Breach Types:

Disposal Computer | Disposal Document | Disposal Tape | Disposal Drive
Disposal Mobile | Email | Fax | Fraud Se
Hack | Lost Computer | Lost Document | Lost Drive
Lost Laptop | Lost Media | Lost Mobile | Lost Tape
Missing Document | Missing Laptop | Missing Media | Snail Mail
Stolen Computer | Stolen Document | Stolen Drive | Stolen Laptop
Stolen Media | Stolen Mobile | Stolen Tape | Unknown
Virus | Web |