Advocate Data Breach Leaves 4 Million Patients at Risk

On July 14th, four password-protected, unencrypted computers containing personal data of more than 4 million patients was stolen from an administrative building. As HealthITSecurity.com recently stated, this data breach has “become the second-largest HIPAA violation ever reported to the Department of Health and Human Services (HHS).”


3 September 2013

Would you ever leave confidential information unencrypted for anyone to access? Hopefully, the answer is a resounding no.

However, “no” was not the answer for Advocate Medical Group. On July 14th, four password-protected, unencrypted computers containing personal data of more than 4 million patients was stolen from an administrative building. As HealthITSecurity.com recently stated, this data breach has “become the second-largest HIPAA violation ever reported to the Department of Health and Human Services (HHS).”

Now, the Advocate Medical Group of Chicago is alerting patients and physicians of the data breach because their personal information could be at risk. Shockingly, the stolen, unencrypted computers stored patient names, addresses, Social Security numbers, birth dates, treating physicians, medical report numbers and other information.

As a result, federal regulators will be investigating the data breach further. The Advocate Medical Group will continue notifying patients until September 9th and will be offering a free year of credit monitoring services to those affected.

While credit monitoring services can be comforting, what’s really frightening about the situation is that the thieves now have a treasure chest of personal information which they could use for fraudulent purposes, like obtaining false identification or credit information.

The reliance on password protection is not the most secure way to safeguard patient information. Encryption should be a basic essential in protecting data to ensure confidentiality from unauthorized access by encoding it.

Organizations need to take appropriate measures to secure information and comply with HIPAA’s regulations. By implementing a cloud service with the proper encryption, businesses can help avoid the risk of data being compromised. For more information on our solution, please visit Intralinks VIA™.



Meagan Parrish

Meagan Parrish

Meagan Parrish is the Senior Manager of Social Media at Intralinks. She is responsible for social media strategy development and the communications for Intralinks' online communities. Meagan has been creating social media strategies for a variety of companies across verticals for the past several years. She holds Bachelor degrees in Marketing and Finance, with a minor in English Literature.