Kaiser Permanente were recently notified that law enforcement had seized a computer file containing Kaiser Permanente Northern California employee information found in possession of a suspect who was arrested. The suspect is not a Kaiser Permanente employee. The computer file was confiscated and a copy was shared with Kaiser Permanente.
An internal investigation was launched and a handful of employees have reported identity theft.
The file appears to contain information typically considered to be employee personal data, including employee name, address, phone number, Social Security number, and date of birth. No Kaiser Permanente member information or personal health information was involved.
Kaiser Permanente comments:
Protecting our employees’ personal information is an ongoing priority at Kaiser Permanente. We restrict access to sensitive information through technical safeguards such as electronic access controls, and we require data to be encrypted on Kaiser Permanente electronic devices such as laptops and mobile devices. We also continually upgrade our systems and software and implement the most up-to-date security safeguards, and we regularly educate our staff about their privacy and security responsibilities through our established policies and procedures.