HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Laborers Funds Administrative Office of Northern California Reports HIPAA Breach

The Laborers Funds Administrative Office of Northern California has announced it has experienced a HIPAA security incident that has resulted in the protected health information of participants being disclosed to other individuals.

The Laborers Funds Administrative Office of Northern California, which manages Northern California Laborers Trust Funds, conducted a mailing on February 17, 2016 to alert participants that they were not responsible for tax or penalty under the Patient Protection and Affordable Care Act as they had the required minimum level of coverage from the fund.

However, a computer error occurred when mailing IRS 1095-B forms to participants which resulted in some individuals receiving correspondence containing data relating to other fund participants and their dependents. The data detailed on the 1095-B forms included Social Security numbers and health plan coverage information along with the full names of other participants and their dependents.

In accordance with HIPAA and state regulations, all affected individuals have been sent breach notification letters to alert them to the breach of their private and confidential data. All affected individuals have also been offered credit monitoring services without charge and an insurance policy has been taken out to protect all affected individuals against identity theft.

Get The Checklist

Free and Immediate Download
HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

While sensitive data have been disclosed to unauthorized individuals, the Laborers Funds Administrative Office of Northern California has no reason to believe that any data have been used inappropriately or will be used for any unlawful purposes.

To prevent future security incidents from occurring the Laborers Funds Administrative Office of Northern California has implemented new security measures and has strengthened training policies and procedures. Further training has also been provided to customer service staff to ensure they are able to deal with any queries from affected individuals.

The California attorney general’s office has been notified of the privacy breach, as has the United States Department of Health and Human Services’ Office for Civil Rights. A notice was also submitted to the media announcing the privacy breach.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.