The apparent theft of a missing laptop computer has put 3,851 patients of University of Florida physicians at risk for identity theft.
On Aug. 1, UF was notified that a computer was stolen from ChartOne, a Boston-based firm that the Health Science Center contracts with to help manage medical records. In the laptop's database were the names, Social Security numbers, dates of birth and medical record numbers for more than 3,000 patients spread over a wide area.
In a letter to affected patients dated Aug. 8, UF Privacy Officer Susan Blair wrote, "Although the risk for anyone gaining access to and then using this information is low, reports of identity theft are often in the news."
Those who received the letter were asked to contact the three major credit reporting agencies to put a fraud watch on their accounts. They were also referred to UF's privacy office hotline if they had questions.
University officials said that ChartOne made a full report to the Gainesville Police Department.
According to Blair, the problem began in late July, when a ChartOne employee in Gainesville reported trouble with a laptop computer. The company decided to send a new laptop by United Parcel Service, and loaded it with the information from the patient database before it was shipped.
"We know that UPS had it and reportedly delivered it, but did not get a signature for the laptop, which reportedly has disappeared," Blair said Friday. "It appears it was left at a ChartOne employee's premises."
Tom Fortner, a spokesman for the Health Science Center, said, "Usually people who take a laptop are looking for the hardware. To our knowledge, no one has used this information."
Calls to ChartOne's offices on Friday were not returned.
According to recent statistics, identity theft is the fastest growing crime in America. A Federal Trade Commission report said that more than 27 million Americans have had their identities stolen in the past five years, almost 10 million in 2004 alone. The cost of these thefts in 2004 was an estimated $5 billion.
Once someone has fraudulently obtained information like a Social Security number or name and date of birth, they can use it to to obtain credit and credit cards from banks and retailers, steal money from a victim's existing accounts, apply for loans, even get a job using the victim's name. The victim may not learn about it for months or even years.
That's exactly what worries one caller to The Sun, who asked that her name not be used. She was one of the 3,851 patients whose information was in the missing laptop's database.
The victim said she had spent $300 to put fraud alerts on accounts held by her husband, daughter and herself. She had made countless phone calls to the Social Security Administration, banks, credit unions and stores where the family had charge accounts.