An anonymous reader writes: The 'health management' company Alere produces and markets in-home medical devices that act as electronic middle-men between doctors and patients taking warfarin (an anti-coagulant drug). Levels of the drug in the blood stream need to be constantly monitored to ensure levels remain within safe ranges, too little and there is a risk of blood clots, too much and hemorrhage can occur. This data is processed by Alere and distributed to qualified health professions who then interpret the results, taking action as required. However, on the 23rd of September, an Alere employee laptop with an unencrypted file containing the health records and personal details of all 100,000 patients being monitored was stolen from a parked car. The company did not become aware of the privacy breach until the 1st of October, and since then affected patients have been notified by mail and have been offered identity theft checks. The OCR has not yet been notified (notification must be made within 60 days), and the neither the laptop nor the data have been recovered. It begs the question, would you trust a 3rd party health provider with your personal information? What if the home test had been for more stigmatised diseases such as HIV antigen levels?