The laptop contained information about 2,500 patients enrolled in a National Institutes of Health study, potentially exposing seven years' with of clinical trial data because the information wasn't encrypted, violating the government's data-security policy, The Washington Post (NYSE:WPO) reported Monday.

NIH officials made no public comment about the theft and didn't send letters notifying patients affected by the breach until last week. Officials said they delayed out of concern that the admission would provide alarm.

The NIH incident is the latest in instances of government employees failing to secure personal information. The Government Accountability Office reported finding at least 19 of 24 agencies reviewed experienced at least one infiltration that could expose people's personal information to identity theft, the Post said.

Since the incident, the NIH is ensuring all laptop computers are encrypted and staff receive regular computer security training, the institute said in a statement. Also, "patient names, other identifying information, or identifiable medical information" will no longer be stored on laptop computers."