(Xinhua)
Updated: 2008-03-25 15:32

WASHINGTON -- A US government laptop computer containing sensitive medical information on 2,500 patients enrolled in a National Institutes of Health study was stolen in February, The Washington Post reported on Monday.

This data security accident potentially exposed seven years' worth of clinical trial data, including names, medical diagnoses and details of the patients' heart scans. The information was not encrypted, in violation of the government's data-security policy, according to the paper.

The laptop was stolen from the locked car trunk of a researcher who is employed by the National Heart, Lung, and Blood Institute (NHLBI), one of the many institutes of NIH.

"Although the laptop was turned off and password protected, so that retrieving the confidential information would require considerable computer sophistication, the NHLBI recognizes that such information should not have been stored in an unencrypted form on a laptop computer," said the statement issued by NHLBI.

However, it was reported that NHLBI officials did not send letters notifying the affected patients until last Thursday -- almost a month later.

This accident is the latest in a number of failures by the US government employees to properly secure personal information. This month, the Government Accountability Office found that at least 19of 24 agencies reviewed had experienced at least one breach that could expose people's personal information to identity theft.