Stolen Hard Drive Contained PHI of 76,000 Texas Patients

Share this article on:

All-Star Orthopaedics is alerting patients of Irving, TX-based Las Colinas Orthopedic Surgery & Sports Medicine, PA, that some of their protected health information (PHI) was stored on a hard drive that has been stolen.

The hard drive contained X-ray and other diagnostic images of 76,000 patients, along with patients’ names and dates of birth. The hard drive was not encrypted, but special software is required to access the images. The image files would need to be opened in order to see patients’ names and dates of birth.

The hard drive was stolen on November 20, 2018 and the theft was reported to the Department of Health and Human Services’ Office for Civil Rights on January 18, 2019. Breach notification letters have now been sent to all affected patients.

The theft has prompted All-Star Orthopaedics to implement new security protocols and all portable hard drives will now be encrypted prior to transport.

Dermacare Brickell Data Breach Impacts 1,800 Patients

On November 20, 2018, the Miami medical practice Dermacare Brickell discovered paperwork containing the PHI of around 1,800 patients was missing.

The paperwork had been removed from a locked storage unit at The Vue Condominium, close to its office. The files related to patients who had received medical services at the practice between 2010 and 2013.

The medical practice determined that boxes of files had been mistakenly removed and disposed of a condominium association dumpster along with regular trash. The person responsible assured the practice that he did not read any of the files in the boxes and was unaware that the boxes contained patient files.

The improper disposal has been reported to the Miami Police Department and patients have been notified as a precaution, although no evidence has been uncovered to suggest any information has been viewed by unauthorized individuals or misused.

The files did not contain financial information or Social Security numbers, only names, birth dates, previous medical histories as provided by patients, and practice treatment notes.

All patient files will now be stored within its offices. The practice is in the process of transitioning to electronic medical records and all paper copies of records will be shredded once that process has been completed.

Author: HIPAA Journal

Share This Post On