More than 16,000 patients of a Houston, Texas, hospital have been warned that their personal information could have been compromised when a computer was stolen from a third-party company, according to the May 5, 2005, BNA Health Law Reporter.

The computer, which was stolen from a company hired to transfer paper records to electronic files, contained
information such as patient names, Social Security numbers, and medical records. A hospital spokeswoman noted that the data was password-protected and would be difficult to access. To date, there is no evidence that the stolen data has been used, and the Houston Police Department has stated that the motive for the theft is believed to be the computer hardware and not the information.

Original medical records remained at the hospital, the hospital says, so patient care will not be affected by the theft. The hospital's Web site is http://www.christusstjoseph.org/.

This incident is one of a series nation-wide where the theft of patient data was actually unintentional, as thieves were targeting the computer for easy resale value on the street. This incident emphasizes the fact that even simple password protection and physical security are an effective level of protection against the majority of risks.