a covered entity (CE) physicians car was broken into spell parked in a public non-work location and an unencrypted laptop computer under the seat was stolen. The electronic protected health info (ePHI) involved in the drudge included addresses, birth dates, social surety numbers and clinical information in password-protected electronic medical register software and affected 950 individuals. The CE filed a police report and notified apply partners. hack notification was provided to HHS, affected individuals, and the media. Following the hack, the ce improved safeguards by encrypting all devices and media that store, access or channelize ePHI. As a outcome of OCRs investigation, OCR provided technical assistance and the CE implemented a policy to formalize the procedures for safeguarding mobile devices. Location of hacked information: Laptop business associate present: no