Sutter - 2011

A company-issued password-protected unencrypted desktop computer was stolen from SMF's administrative offices during the weekend of October 15, 2011.  Approximately 3.3 million patients whose health care provider is supported by SPS had their names, addresses, dates of birth, phone numbers, email addresses, medical record numbers and health insurance plan name exposed.  The information dated from 1995 to January of 2011.  An additional 934,000 SMF patients had dates of services and description of medical diagnoses and/or procedures used for business operations in addition the the previously listed information exposed.  This information dated from January 2005 to January 2011.  Patients will receive notification letters no later than December 5.UPDATE (11/23/2011): Two lawsuits have been filed against Sutter Health.  One class-action suit alleges that Sutter Health was negligent in safeguarding its computers and data and then did not notify the millions of patients whose data went missing within the time required by state law.  The suit seeks $1,000 for each member of the class and attorneys' fees.  UPDATE (07/21/2014): "A state appellate court Monday ordered the dismissal of a lawsuit that could have cost Sutter Health more than $4 billion when it ruled that millions of the health care giant’s patients had no right to sue over the theft of a computer with their personal, medical and insurance records on its hard drive. The court decided it has not been shown – and the patients have not alleged – that any unauthorized persons have actually viewed the contents of the hard drive, a fact that deprives the patients of grounds to seek civil damages".Read more here: