The suspect is a 40-year-old man by the name of Kelly Stanton, a former employee who has been arrested and arraigned. However, the flash drive itself is still missing.
Stanton, who has a history of fraud convictions, was charged with the theft in February.
The theft happened between December 23rd and 27th, 2010 at the council's offices, which were closed for the Christmas holiday. The discovery of the theft was made on the 28th when police were notified. Police say Stanton was fired on the same day of the discovery.
The data on the stolen flash drive included personal information only from patients who received reproductive health services at these and other providers between October 2, 2008 and November 30, 2010.
Specifically, patient name, address, phone number, social security number, date of birth, and other information including insurance information and medical information were on the flash drive. So far, the Council said, there is no indication of inappropriate use of the information stored on the stolen flash drive.
The Council went on to say that both the Philadelphia Police Department and the Philadelphia District Attorney's Office requested that notification of patients and the public be delayed while the investigation was ongoing.
A spokesperson explained in a statement that, under government health care programs, the Council gathers and processes patient data from several area health care providers for reporting and billing purposes.
Providers who are affected by this loss of data include: Spectrum Health Services Inc. (Haddington Health Center and the Broad Street Health Center); Public Health Management Corporation (which operates or operated PHMC Care Clinic, PHMC Health Connection, Rising Sun Health Center, Mary Howard Health Center, Community Court, Project Salud and several emergency housing locations in Philadelphia); Planned Parenthood Southeastern Pennsylvania; Planned Parenthood Association of Bucks County; and The Children's Hospital of Philadelphia.
The Council said it reported the circumstances of the incident to those providers on January 13, 2011, and each of the providers is notifying its patients affected by this incident.
The Council is offering individuals affected by this breach credit-monitoring services and other credit-protection services free-of-charge.
Patients who need further assistance, or who would like additional information on ways to protect their financial information, can visit the Family Planning Council's website at www.familyplanning.org or call 1-888-414-8020 and enter reference number 3720040811.
Melissa Weiler Gerber, Executive Director of The Family Planning Council, declined an interview request and refused to answer questions about the hiring of Stanton, whose rap sheet includes multiple convictions for theft, fraud and other crimes.
Weiler Gerber issued a written statement saying, "While no abuse of the stolen data has come to light, we regret deeply even the appearance of a breach. I offer my personal and professional apology to all patients whose confidentiality may have been violated. We are moving swiftly and purposefully to ensure that nothing of this type ever occurs again with respect to Council facilities or information, and to ensure that our procedures comply with all privacy and security laws and satisfy industry best practices."