McKesson: Stolen Computers Contain Patient Information - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Information Management

McKesson: Stolen Computers Contain Patient Information

Execs at the health-care services company are unsure how much identifying information was contained on the patients documented in the missing machines.

Health-care services company, McKesson, is alerting thousands of its patients that their personal information is at risk after two of its computers were stolen from an office.

The company, which helps pharmaceutical manufacturers set up assistance programs for patients in need, sent out a letter alerting patients that the computers were stolen on July 18. The names of the people being alerted were on one of the two PCs, but it's not known how much of their accompanying identifying information was also contained on the machines.

"Your personal information may have been on one of the two computers that were stolen from a McKesson office," wrote Patrick Blake, president of McKesson Specialty Pharmaceutical, in the letter to one patient. "At this point, we have not determined if your personal information was on either stolen computer. However, we are taking the precaution of notifying every patient whose information might have been on the computers, just to be safe."

A spokesman for McKesson did not return phone calls requesting comment, but a company representative on the McKesson hotline said "thousands" of patients were affected and letters were sent to everyone who had at least a name on one of the machines. It's possible that identifying information, including addresses, prescribed medications, dosages, Social Security numbers, and dates of birth, also were contained on the computers. The loss appears to affect both current and former patients.

The company representative said it's not clear if the data on the machines was encrypted. Local police and the FBI have been called in on the investigation.

Blake's letter suggested that those contacted put a fraud alert on their credit files. The representative on the McKesson hotline said the company would give customers a year of free credit reporting if they requested it.

"We also have taken steps to ensure this doesn't happen again by increasing and improving employee understanding and awareness of corporate security policies and procedures, policies for handling patient data, and company security processes," wrote Blake. "We deeply regret that this incident occurred."

The hotline number is: 866-554-6366.

The impact of data theft is usually severe when health-care companies are involved. Earlier this year, a laptop was stolen from a secure office in a Texas hospital group, putting identifying information on 7,800 patients without health insurance at risk. The Seton Family of Hospitals reported in February that a security camera captured video of a thief carrying out a laptop and a projector. The laptop contained identifying personal information such as Social Security numbers, dates of birth, and insurance program numbers.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2021 Outlook: Tackling Cloud Transformation Choices
Joao-Pierre S. Ruth, Senior Writer,  1/4/2021
Enterprise IT Leaders Face Two Paths to AI
Jessica Davis, Senior Editor, Enterprise Apps,  12/23/2020
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll