You are here: Home > Business & Finance > Markets > Markets News > Article
Home
Business & Finance
Markets
U.S.
U.K.
Europe
Asia
Markets News
Hot Stocks
Bonds News
Gainers & Losers
Most Actives
Indices
Calendars
Deals
Small Business
Green Business
Industries
Industry Summits
Stocks
Funds
ETFs
Currencies
Commodities
Options
Economy
Bonds
Analyst Research
Portfolio
News
Do More With Reuters
RSSRSS Feed
Widgets
Mobile
Podcasts
Newsletters
Your View
Partner Services
CareerBuilder
Affiliate Network
Professional Products
Support (Customer Zone)
Reuters Media
Financial Products
About Thomson Reuters

RPT-UPDATE 2-McKesson says computers with patient data stolen

Thu Sep 13, 2007 7:17pm EDT
 
[-] Text [+]

(Repeats to more subscribers) (Adds comments from McKesson spokesman on privacy law)

By Jim Finkle

BOSTON, Sept 13 (Reuters) - U.S. pharmaceuticals distributor McKesson Corp (MCK.N) said on Thursday that two computers containing confidential patient data were stolen from the company on July 18.

The computers contained data on thousands of participants in a program that McKesson administers to help supply medications to low-income patients, spokesman James Larkin said. He declined to say which health-care company had hired McKesson to run the program, what sort of information was on the computers, or whether it was encrypted.

"We have an investigation under way," Larkin said. "We feel it wouldn't be prudent to comment."

He said patients had been notified that the information may have been compromised, and local police and the Federal Bureau of Investigation were helping with the investigation.

The theft was reported last week by magazine Information Week, which quoted the text of a letter that San Francisco-based McKesson sent to one patient:

"Your personal information may have been on one of the two computers that were stolen from a McKesson office ... At this point, we have not determined if your personal information was on either stolen computer. However, we are taking the precaution of notifying every patient whose information might have been on the computers, just to be safe."

Larkin confirmed that the excerpt was accurate.

He said the company was not at risk of having violated the terms of a complex U.S. law known as the Health Insurance Portability and Accountability Act, or HIPAA, that was implemented in 2003 to protect patient privacy rights.

It established specific safeguards that health-care providers and others must follow to protect the privacy of health information and set provisions for holding violators accountable, listing civil and criminal penalties that can be imposed if they violate patients' privacy.

"There were no HIPPA violations," he said. "The information that was potentially compromised was not covered under HIPAA."

 

Companies In This Article

McKesson Corporation (MCK.N) Quote, Profile, Research