25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

South Fulton Mental Heath Center Discovers Dumped Medical Records

Posted By on Feb 15, 2017

Late last week, South Fulton Mental Health Center in Georgia discovered highly sensitive patient health records had been improperly disposed of in a dumpster that was accessible by the public.

A statement released by the clinic shortly after the records were discovered confirmed that an investigation had been launched into the HIPAA breach. “A preliminary review suggests that a staff member did not secure the files properly” during the move from the South Fulton Mental Health Center.

The files have now been retrieved and secured, although they were accessed by at least one individual. CBS46 was tipped off about the dumped records and a reporter was able to retrieve some documents from the dumpster before they were secured. The documents viewed by the CBS46 reporter contained patients’ names, Social Security numbers and other sensitive information.

An internal investigation into the incident is ongoing. While it is possible that an employee made an error and either left the records unsecured or accidentally dumped the records, this is now being viewed as a deliberate act.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Fulton County Commission Chairman John Eaves told CBS46 that “There’s at least one disgruntled employee who’s responsible for this.” Fulton County officials have confirmed they have identified the employee they believe is responsible. That individual has not been named although he/she had worked at the clinic for a number of years.

The employee is believed to have dumped the records in an act of retaliation to the decision by the clinic to start outsourcing its mental health services.

Fulton County is now checking all of the dumped records to find out which patients have been affected. Breach notification letters will be sent to all affected patients once that process is complete. At this stage, it is unclear how many of the clinic’s current and former patients have been impacted, although initial reports suggest that hundreds of patients have been impacted.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist