Medical records sent to Ohio recycling center
Physician Practice Insider, January 12, 2016
A still undetermined number of patients were affected when lab records from Community Mercy Health Partners (CMHP), Springfield, Ohio, were disposed of at a local recycling center. The records were discovered at the recycling center November 26, according to the Dayton Daily News. CMHP has 60 days to determine the number of patients affected and has confirmed that it plans to notify all affected patients, WDTN reported.
The records reportedly include:
- Names
- Dates
- Social Security numbers
- Lab results and requests
Photographs of the records circulated in the media show dates of service ranging from 2005 to 2013.
LeRoy Clouser discovered the discarded records when dropping off items at Clark County Solid Waste District’s North Recycling Station and notified local police of his findings. Although local police contacted CMHP the next day and the hospital secured the majority of the documents, a local news station, WDTN, also obtained some of the documents. WDTN reported that it returned these documents to the hospital.
The records were not intentionally sent to the recycling center, CMHP told the Dayton Daily News. Its policy is to shred paper documents it no longer needs to maintain. CMHP is investigating to determine how the documents ended up at the recycling center and will review its disposal and storage procedures. No incidents of identity theft have been reported yet as a result of the breach, a CMHP representative told the Dayton Daily News.
This is not CMHP’s first breach of the year. Roughly 2,000 patients were affected by a breach in February when invoices meant for other entities were accidentally mailed to six individuals, the Springfield News-Sun reported. The data on the invoices included:
- Names
- Addresses
- Billing codes
- Service dates and locations
- Account balances
The February breach was reported to HHS April 27.
Large-scale cybersecurity attacks often receive the most attention, but a recent NPR report looked at the damage smaller-scale privacy breaches can cause to individuals when personal health data is exposed in their community.
This article was originally published in HIM-HIPAA Insider.
Related Products
-
Physician Practice Perspective
Physician Practice Perspective subscribers can find the archive of issues on the Part B News website. Find more information...
-
Medical Environment Update
A subscription to Medical Environment Update pays for itself by saving you time sorting through complex regulations and...
-
HealthLeaders Media Physician Leaders
HealthLeaders Media Physician Leaders offers commentaries that focus on the hottest issues for doctors as well as concise...
-
Medical Environment Update - Electronic and Print, 1 year
A subscription to Medical Environment Update pays for itself by saving you time sorting through complex regulations and...
-
Medical Environment Update - Electronic, 1 year
A subscription to Medical Environment Update pays for itself by saving you time sorting through complex regulations and...
Most Popular
- Articles
-
- Use caution when applying modifier -25
- Don't forget the three checks in medication administration
- Nursing responsibilities for managing pain
- Steps for maintaining patient privacy
- Know guidelines and subtle differences in code descriptions for laceration repairs
- Complications from immobility by body system
- Practice the six rights of medication administration
- Poor documentation: The consequences
- Note similarities and differences between HCPCS, CPT® codes
- Q&A: Primary, principal, and secondary diagnoses
- E-mailed
- Searched