A federal database has documented 121 such lapses nationwide since September 2009, showing that medical or financial information had been exposed for more than five million people.
"There is almost no excuse for unencrypted data to be sitting on any computer at a hospital or any organization," said Scot Silverstein, a Drexel University expert on health-information technology.
Such problems heighten the concern many people have about the move toward electronic health records.
Perhaps as a result, the U.S. Department of Health and Human Services has increased penalties for violations of patient privacy, including fines for up to $50,000 per violation and up to $1.5 million a year.
Still, such breaches occur every week.
A similar loss of private patient information occurred in December at Children's Hospital of Philadelphia when an employee's laptop with data including Social Security numbers on 943 patients was stolen from a car.
On Tuesday, Cooper University Hospital in Camden reported that a flash drive with Social Security numbers, addresses, and phone numbers of medical residents and fellows was missing.
"The hospital is conducting a thorough investigation and has initiated an aggressive plan to protect any personnel who could be affected by this potential security breach," Cooper said in a statement.
Meanwhile, a nurse accessed records of 600 patients at Tomah Memorial Hospital in Wisconsin to get narcotics data for personal use, and 1.2 million patient records were stolen on a laptop owned by a Florida health insurer, AvMed Inc.
"We are seeing this all the time," said Paul Stephens, director of policy and advocacy at the California-based Privacy Rights Clearinghouse.
