Local News

Patient info stolen from Duke Health office

Posted August 29

— Duke University Health System officials said Friday that a thumb drive containing patient information was stolen from an administrative office last month.

The unencrypted device contained spreadsheets that included patients’ names, medical record numbers, physicians’ names and, in some instances, the names of certain Duke University Hospital locations visited, officials said. No Social Security numbers, clinical information, financial information or medical records were on the device, they said.

The patients whose information was compromised were treated in the Duke Children’s Health Center and Lenox Baker Children’s Hospital from last December until June.

The thumb drive was stolen on July 1, but police have been unable to recover it, officials said. It was unclear why Duke waited until Friday to notify patients.

"We have no reason to believe that the information on the thumb drive has been used in any way," officials said in a statement on the Duke Health website.

The health system set up a dedicated call center to answer questions from affected patients. People can call 866-819-2163 toll-free between 9 a.m. and 9 p.m. weekdays.

"We deeply regret any inconvenience this may cause our patients," officials said in the statement. "To help prevent something like this from happening in the future, we are enhancing our encryption processes and re-enforcing staff education on the use of encryption and the importance of handling patient information securely."

7 Comments

This story is closed for comments. Comments on WRAL.com news stories are accepted and moderated between the hours of 8 a.m. and 8 p.m. Monday through Friday.

Oldest First
View all
  • heelsgirl05 Aug 29, 5:35 p.m.

    They have "no reason to believe any information was used". How in the world would they know... View More

    — Posted by jwsawyer

    My thoughts exactly

  • justcommonsense Aug 29, 4:02 p.m.

    I used to work as a nurse at Duke....that health system is not what people tend to believe it is.

    — Posted by gopack10

    No health system is exactly what people tend to believe it is. No place is perfect due to the fact that as with everything, humans are involved and humans are not perfect. Yes, I know some think that there should be perfection in some areas of life, it just isn't the case.

    I could say negative things about UNC since that is where my son was when he contracted MRSA and passed away as a result.

  • 678devilish Aug 29, 3:26 p.m.

    What purpose would someone else's information serve the thief? I do hope he/she is caught asap.

  • gopack10 Aug 29, 3:19 p.m.

    I used to work as a nurse at Duke....that health system is not what people tend to believe it is.

  • kenshi Aug 29, 3:13 p.m.

    RandomGuy, it was on it likely because a Duke employee wasn't following Duke rules. There are regulations that forbid storage or transport of patient information on unencrypted media.

  • SomeRandomGuy Aug 29, 3:08 p.m.

    1. WHY was this data on a USB Drive??
    2. If there is any LEGIT reason for the data to be on a USB drive, WHY was it NOT encrypted??

  • jwsawyer Aug 29, 2:57 p.m.

    They have "no reason to believe any information was used". How in the world would they know that?