It is also contacting an additional 100,000 people whose records on the laptop contained a "limited amount" of health information -- though not SSNs, Baylor said in a statement Tuesday.
The laptop was left overnight by an employee in her car, from which it was stolen sometime in mid-September. The computer was used mainly for administrative purposes and therefore did not contain comprehensive patient histories, Baylor said. The employee from whom the laptop was stolen has been fired, a Baylor spokeswoman added Wednesday.
Individuals whose SSNs were compromised in the incident will receive a year's worth of free credit monitoring, the spokeswoman said.
Ironically, the theft comes as Baylor is rolling out new technology aimed at helping it track laptops and remotely erase sensitive information on them in the event of a loss or theft.
The incident highlights yet again why security analysts have for a long time now advocated the use of encryption or other measures for protecting sensitive data on laptops and other mobile devices.