Dedicated to providing the latest
HIPAA compliance news

Austin Pulmonary Consultants Reports Improper Disposal of PHI

Share this article on:

Austin Pulmonary Consultants PA has reported a HIPAA breach to the Department of Health and Human Services’ Office for Civil Rights that has impacted 889 patients.

On September 8, 2016 Austin Pulmonary Consultants discovered that a third party vendor that had been contracted to provide cleaning services at its recently opened offices at 5920 W. William Cannon, Building 1, Suite 150 in Austin, Texas had improperly disposed of documents containing the protected health information of patients. The documents had been designated for secure disposal and should have been shredded and rendered unreadable and unusable in accordance with HIPAA Rules, but were accidentally disposed of with regular trash.

The documents contained highly sensitive patient information including names, home addresses, dates of birth, Social Security numbers, medical information, the names of payment guarantors, their addresses and Social Security numbers, and medical payment information.

Breach notification letters were mailed to all affected patients on November 7, 2016 and steps have been taken to reduce the likelihood of future breaches of this nature occurring. Austin Pulmonary Consultants is working closely with its vendor to ensure that its cleaning staff receive further training on the correct disposal methods for documents containing sensitive patient health information and additional security measures are being implemented to ensure sensitive documents are disposed of in accordance with Health Insurance Portability and Accountability Act Rules in the future.

While some patients’ protected health information has been exposed, Austin Pulmonary Consultants does not believe that the data have been used inappropriately. No reports of data misuse have been received and no misuse or further disclosure of any PHI is anticipated.

According to the breach notice published on the Austin Pulmonary Consultants website, “We take the privacy and security of our patients’ records very seriously, deeply regret these circumstances, and are committed to keeping our patients informed.”

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On