Cornerstone Health Care Data Breach (2014)

High Point-based Cornerstone Health Care has alerted more than 500 patients after a laptop at one of its practice locations that contained patient information was stolen earlier this year. On Feb. 26, Cornerstone began reaching out to 548 patients of Cornerstone Neurology in High Point to let them know about the theft, and took steps to better secure laptops going forward. The laptop contained information including patient names, dates of birth, physician names and a summary of nerve conduction scans, but did not include social security numbers, addresses, billing information or other highly confidential information, according to Cornerstone. Katie Henry, who is Cornerstone's general counsel as well as chief compliance and patient safety officer, said the laptop was discovered missing on Jan. 6, and was taken sometime after Dec. 31. The laptop was not integrated into Cornerstone's electronic medical records system or billing system, and did not have access to broader patient information, Henry said. The gap between finding out the computer was missing and reaching out to patients was due to the time required in determining that it had been taken as well as identifying what patients might have been affected. "This wasn't one of our laptops that our providers use to see all of our patients," Henry said. "Because this computer isn't integrated into our systems, we didn't have an easy way to figure out what patients might have been involved." Henry said it appears the laptop was taken for the computer itself, and not the information it contained. Since learning of the theft, Cornerstone has installed new locks on rooms at Cornerstone Neurology that contain electronic devices, reviewed its policies and procedures and provided additional training to staff on the importance of securing patient information.