In a statement sent by e-mail to HealthLeaders Media Wednesday, Lucile Packard spokesman Robert Dicks forwarded this statement from Susan Flanagan, RN, chief operating officer: "This theft was very unfortunate. We hold ourselves to the highest standards in taking care of the children we treat, and we are committed to providing the best care possible and to protecting our children's privacy."
"The incident in question was related to the apparent theft earlier in the year of a password-protected desktop computer that contained information about 532 patients. The hospital immediately began a thorough investigation and also reported the matter to law enforcement in an attempt to recover the computer quickly."
"As soon as the hospital and law enforcement determined the computer was not currently recoverable, the hospital reported the incident to the CDPH and federal authorities, as well as the families of potentially-affected patients."
"The privacy and security safeguards we employ are some of the most advanced technologies and controls available to hospitals today."
Added Ed Kopetsky, chief information officer at Packard Children’s, "Even though the investigation revealed that no patients were harmed and apparently no patient information was compromised, we are using this incident to further tighten our security and provide additional education to our staff."
Dicks said a date has not been set for the ruling on the appeal.
He emphasized in an e-mail Thursday that the hospital self-reported the incident to the state.
The state Department of Public Health's website indicates that Lucile Packard hospital received two other fines, each $1,500, for two other incidents involving failure to report a breach of medical records by a healthcare worker "within the facility/healthcare system" on the same day. The state website indicates that the hospital intends to appeal one of them but not the other.