The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Oak Cliff Orthopaedic Associates Alerts Patients to Potential PHI Breach

Posted By on Dec 19, 2016

More than 1,000 current and former patients of Oak Cliff Orthopaedic Associates have been notified that unauthorized individuals may have viewed some of their protected health information.

Boxes of paper business records and other items were stolen from an off-site storage facility used by the Dallas orthopedic firm. It is currently unclear when the theft occurred and how long the thieves had access to the information, although the theft was discovered on October 17, 2016.

The documents contained patients’ names, addresses, and medical record numbers, although an investigation revealed that some of the documents also contained certain patients’ credit card numbers, Social Security numbers, and banking information.  Patients affected by the incident had received medical services from Oak Cliff Orthopaedic Associates between 2006 and 2007.

The Lewisville Police Department did manage to recover the stolen files and they have now been returned to Oak Cliff Orthopaedic Associates and are now secured. The stolen items were found in a hotel room, but it is unclear whether the thieves have been identified or apprehended. All other items not taken by the thieves have since been removed from the storage facility and have now been secured.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Since financial data have potentially been viewed and copied by the thieves, Oak Cliff Orthopaedic Associates notified relevant financial institutions of the risk of fraudulent activity on the affected individuals’ accounts. Patients impacted by the incident have now been notified mail and a press release has been issued in accordance with Health Insurance Portability and Accountability Act Rules.

Oak Cliff Orthopaedic Associates has not received any reports to suggest any of the stolen information has been used inappropriately, although it is possible that patient data were viewed by the thieves. As a precaution against identity theft and fraud, all 1,057 patients affected by the incident have been offered one year of identity theft protection services without charge.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist