25% off all training courses Offer ends June 26, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends June 26, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Privacy Breach Reported by Bay Area Chiropractic Center

Posted By on Feb 28, 2016

In December, Bay Area Chiropractic Center LLC was advised that a substitute doctor who had worked at the Coos Bay facility had used a patient list that he compiled while employed by the company to drum up business for his own private practice.

The physician was employed by Bay Area Chiropractic Center between June 1 and August 31, 2015. While employed at the company, the physician compiled a patient list which included patient names, addresses and contact telephone numbers. The data were taken from patient’s charts supplied to him in order for treatment to be provided to patients. The physician was not given permission to store the data, remove them from the company facilities, or to contact patients.

The data were apparently stored in a Word document on a zip drive and were also stored on a mobile phone used by the physician. According to a breach notice sent to the Oregon Department of Justice, the physician is no longer in possession of the phone. It is unclear whether the data stored on the phone were securely erased before the device was disposed of.

Bay Area Chiropractic Center was alerted to the privacy breach by a former business manager. The company was told that the physician had used the data to try to get patients to transfer to his practice to continue to receive treatment. He is alleged to have contacted patients without authorization, and according to the complaint, told them that Bay Area Chiropractic Center was closing its doors and that their care had been transferred to his practice.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Bay Area Chiropractic Center was alerted to the privacy breach on December 10, 2015 and started sending notification letters to affected patients on December 22, 2015. Patients were advised about the breach of their privacy and the letters explained that Bay Area Chiropractic Center was not closing its doors and would be continuing to provide treatment to its patients. The data theft was also reported to the Coos Bay Police department and the Oregon Department of Justice was advised of the privacy breach earlier this month.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist