A local doctor’s office is keeping mum on a stolen hard drive that may contain personal information on hundreds of patients who seek care there.

Yet one criminology expert said Wednesday that – de-pending on the hard drive’s contents – the security breach could have serious implications.

“If someone was actually stealing it for the records, it could be used for identity theft, for embarrassment purposes – which could mean potential lawsuits – or for extortion,” said Dennis Giever, Indiana University of Pennsylvania professor and Criminology Department chairman.

“There’s got to be something pretty serious behind it for someone to break in and steal a hard drive that might cost $30 at Staples and nothing else,” he said.

Borough police are searching for a burglar who forced through a locked employee door at Dr. Deborah Ba-ceski’s internal medicine practice along West Church Street between 4 p.m. Sunday and 8:30 a.m. Monday. A hard drive was taken from the practice’s patient registry room.

The hardware was the only missing item, according to police.

“There was very little damage or disturbance,” borough police Chief Randy Cox said. “They took nothing else.”

Baceski did not return repeated calls for comment.

Cox said he could not confirm reports from the doctor’s office that the hard drive contained only blank forms.

“If patients are concerned about their information, they should call the doctor’s office,” he said.

Giever said most organizations don’t take enough precautions when it comes to personal information and technology.

“There needs to be a very systematic approach,” he said. “The downfall in most cases is that organizations don’t take that approach. They poke their finger in the dike – fix problems as they arise.”

Some time-consuming but not necessarily costly measures include mapping the characteristics of an organization and knowing potential adversaries and how they might strike.

Testing security systems is a must as well, he said.

“Every organization should run through the process,” Giever said. “But very rarely do people do it.”

The issue is an ongoing problem for hospitals and businesses around the country, he added.

In August, a laptop was reported missing that may have contained personal information on as many as 18,000 patients at Pennsylvania Veterans Affairs hospitals. The computer contained insurance claim data for patients, including names, addresses and Social Security numbers of some patients, according to firstgov.gov.

The computer went missing from a subcontractor, according to the Web site report. In that case, Veterans Affairs notified each patient or patient’s family members by letter.

The Somerset burglar broke in through an employee door on the northern side of the building at 105 W. Church St., according to a police release.

Anyone with information may call borough police: 445-4596.

Recommended for you