Name of Entity
Apria Healthcare, Inc., Privacy Manager BreachOrganization Type
Healthcare, Medical Providers & Medical Insurance ServicesAddress
CA
United States
Description
On August 13, 2012, the covered entity (CE), Apria Healthcare, Inc., reported that an unencrypted laptop computer was stolen from a workforce member’s locked vehicle. The laptop contained the electronic protected health information (ePHI) of 65,700 individuals. The PHI involved in the breach included names, addresses, birth dates, social security numbers, and isolated instances of driver’s licenses, financial and medical information. The CE provided breach notification to HHS, the affected individuals and the media. The CE sanctioned the workforce member, encrypted all laptop and desktop computers, and retrained workforce members. OCR obtained assurances that the CE implemented the corrective actions noted above.Location of breached information: Laptop
Business associate present: No
Date of Breach
01/01/2012