Leaving an unencrypted laptop containing more than 2,230 patient records in an unlocked vehicle overnight might be a bad idea. Even more so when it turns up stolen and your company is facing its third major security breach in a single year. According to the U.S. Department of Health and Human Services (HHS), “Demographic information, clinical information, health insurance information, patient names, addresses, credit card numbers and their expiration dates, and dates of birth” are some of the data stolen during three incidents for Advocate Health Care Network in 2013. Those mishaps have resulted in a $5.5 million settlement with the HHS, the largest data breach settlement ever. Advocate, however, reports that there have been no indications that the information has been misused… Yet. Yay?