Health data breaches can be caused by numerous situations, and with the increase of electronic medical records and online issues, the proper care of paper documents can occasionally be overlooked. Regardless of how covered entities store and transmit patient records, it is essential that they take the time to implement proper privacy and security measures, including how to properly transport and dispose of paper documents.
Patient records found in residential driveway
An Orlando facility allegedly compromised patients’ identities after medical records were discovered in a residential driveway. According to a WFTV report, Florida resident John Henderson received a letter from Orlando Health that said a list of patients and their information was found in a neighborhood driveway. Henderson said that his son’s information was on the found patient list.
The letter from Orlando Health said that the misplaced list had patient names, medical record numbers, account numbers and even diagnoses, WFTV said. However, the letter added that Social Security numbers and insurance information were not included on the papers.
The letter stated that an Orlando Health employee reportedly took the patient list home by mistake, and it is believed that it fell out of the employee’s car, according to Henderson.
“It just don’t make sense, it don’t make sense,” Henderson told the news source. “And I can’t believe Orlando Health is this irresponsible.”
Orlando Health said in a response to WFTV that notification letters were sent to 68 patients “out of an abundance of caution,” and that it does not believe that any harm will come from the incident.
“We understand the concerns of patients involved in this incident,” Orlando Health said in its letter, according to WFTV. “The privacy and security of our patients’ health information is a top priority for us. We conducted a thorough investigation of the incident and found no evidence of malice or intent.”
The provider added that it has “a number of policies in place to ensure the security and privacy of all protected health information,” and that it will update the policies as needed to keep patient data secure.
Lawsuit filed after improper disposal of paper documents
Illinois Attorney General Lisa Madigan filed a lawsuit earlier this week against a Chicago area storage company, after it allegedly exposed sensitive patient information by dumping paper records in a public dumpster.
The records contained patient names, dates of birth, Social Security numbers and other sensitive personal information, according to a statement on Madigan’s website.
FileFax Inc. “failed to provide safe, secure and proper collection, retention, storage and destruction of Suburban Lung records, Madigan explained.
“This company brazenly violated the law and jeopardized the personal information and privacy of thousands of Illinois residents,” she said.
Suburban Lung Associates had contracted with FileFax to maintain and destroy patient medical records, Madigan stated. Affected individuals had been patients at Suburban Lung Associates, which operates in numerous north and northwest suburban Chicago locations.
FileFax violated Illinois’ Personal Information Protection Act, according to Madigan. The act ensures consumers’ personal information is protected in the state. Moreover, the lawsuit states that the company violated Illinois’ Consumer Fraud and Deceptive Business Practices Act.
Source: http://ift.tt/1EnZtss
from health IT caucus http://ift.tt/1EnXKDv
via IFTTT
No comments:
Post a Comment