Oakland-based Kaiser Permanente had a number of ultrasound units stolen from one of its hospitals by a couple of former employees.

It was revealed last week that "a significant portion" of the lifted systems had already turned up in a locked storage unit and although the hospital suspects the devices themselves were going to be sold — the electronic protected health information (ePHI) stored in them probably wasn't.

That may be something of a silver lining considering the increased rate of cyber attacks on hospitals and the black market value of sensitive patient information.

Kaiser reported that patient data was discovered on some of the returned ultrasound systems on June 10 and the following day it began notifying approximately 1,100 patients in Northern California who may have had their information compromised.

"We sincerely apologize for any inconvenience or concern this incident may cause," said Angela Anderson, regional privacy and security officer for Kaiser Permanente North America, in a statement.

"Because Social Security numbers were not accessed, the risk of any fraud is quite low. Additionally, we believe that this equipment was only stolen to sell for profit, and not to reveal or misuse member information. There is no sign that health information has been used for fraud or other criminal activity," she continued.

The investigation is ongoing and Kaiser reports that it is cooperating fully with law enforcement. It has not specified which one of its hospitals the ultrasound systems were taken from, or whether it will press charges against the suspects.

Ultrasound Homepage