25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

PHI Stolen in San Francisco and Corpus Christi Burglaries

Posted By on Jun 15, 2018

Two HIPAA-covered entities are alerting patients that some of their protected health information (PHI) has been obtained by thieves in recent burglaries.

PHI Taken from Employee of Christus Spohn Hospitals

The protected health information of patients of two Christus Spohn Hospitals in Corpus Christi has been stolen in a burglary.

A Christus Spohn employee was burgled on April 16, 2018 and PHI was taken including information such as names, birth dates, dates of service, medical record numbers, account numbers, ages, and other medical data. No financial information, driver’s license numbers, or Social Security numbers were compromised.

Patients affected by the breach had previously received treatment at Christus Spohn Health System’s Memorial or Shoreline hospitals. While PHI was obtained, the information does not appear to have been misused. Christus Spohn has confirmed that approximately 1,800 patients have been affected by the incident.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Steps have already been taken to prevent further incidents of this nature from occurring, and the employee in question has received further training on measures that need to be taken to ensure protected health information is safeguarded.

PHI of Patients of a San Francisco Acupuncturist Stolen

San Francisco acupuncturist Denise M. Bowden is notifying patients that some of their PHI was stolen from her Pacific Heights office. The acupuncturist discovered the burglary on April 30, 2018, with the offices ransacked at some point over the weekend of 28/29 April.

The thief stole a computer from her office that contained information such as patients’ names, addresses, contact telephone numbers, dates of service, diagnosis codes, and health insurance information. No financial information or Social Security numbers were stored on the computer.

While the computer was password protected, patient data were not encrypted and could therefore potentially be viewed by unauthorized individuals. No reports have been received to suggest any of the information on the computer has been accessed and misused. Patients were notified of the breach by mail on June 11, 2018.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist