A laptop stolen from the house of a junior doctor employed by the Hull and East Yorkshire Hospitals NHS Trust contained unencrypted information on over one thousand patients.
The theft occurred back in November, but the doctor did not immediately alert the trust about it because he was not authorized to carry the data on his computer.
The exposed information included names, dates of birth, hospital numbers, as well as details about treatment received by 1,147 orthopaedic patients.
According to This is Hull & East Riding, upon learning of the breach, the trust temporarily suspended the doctor and scheduled a disciplinary hearing.
A notification letter signed by its chief executive Phil Morley and containing an apology, was sent to all affected individuals.
"I am writing this letter to inform you of the incident and also to apologise unreservedly for the loss of your confidential data.
"The doctor acted outside trust and NHS regulations in taking unencrypted patient data away from the trust and installing it on his personal computer.
"I can advise that the trust treats these matters very seriously and the doctor concerned is being managed in accordance with the trust's policies and procedures," the letter said.
Howeverm, among the recipients was 12-year-old Mary Holmes of Beverley and her mother is not very happy about it.
"You can't send a letter of that magnitude to a child and expect them to understand it," Cathie Holmes, 37, said. "I'm fuming about it. We should be able to trust these people," she added.
The incident might prompt an investigation from the Information Commissioner's Office, which started issuing fines for data breaches since last November.
The Hull and East Yorkshire Hospitals NHS Trust operates the Hull Royal Infirmary and Castle Hill Hospital in Cottingham and also provides specialist services to North Yorkshire, as well as North and North East Lincolnshire.