The Nemours Foundation - 2011

Three unencrypted computer backup tapes were reported missing on September 8.  The tapes were stored in a locked cabinet, which had been temporarily relocated on or around August 10 for a facility remodeling project.  The cabinet was not found.  The tapes had been stored in the cabinet since 2004 and contained patient information stored between 1994 and 2004.  Names, Social Security numbers, addresses, dates of birth, insurance information, medical treatment information, and direct deposit bank account information were exposed.UPDATE (10/12/2011): Patients and their guarantors, vendors, and employees at Nemours facilities in Delaware, Pennsylvania, New Jersey, and Florida were affected.  In addition to medical treatment information, the payroll information of current and former employees was exposed.  Nemours took steps to encrypt all computer backup tapes and move non-essential computer backup tapes to a secure, off-site storage facility after the breach.