April 27, 2018
Throughout a period of three and a half years, 1,071 patients of Des Moines Crisis Observation Center, who received medical services, have been contacted to inform them that some of their protected health information has been “inadvertently and unintentionally disseminated”.
The HIPAA violation was found on February 14, 2018, even though the inquiry indicated that information started being exposed on June 1, 2014, and continued until January 11, 2018. The kind of information retrieved includes patients’ identifications together with Social Security details, Medicaid ID numbers, admission dates, addresses, and discharge clinics.
Utilizing the Crisis Observation Center, Polk County Health Facilities delivers mental health facilities for citizens of Polk County, IA and is the local administrator and governing board for mental health and disability facilities for the county.
Polk County Health Services knows who got the info and were able to decide the kinds of information that has obtained by them. The description for the impermissible exposure of protected health information and how PHI came to be exposed was not outlined in the substitute breach notification circulated on the Polk County Health Service official website.
Steps have been taken to halt any more disclosures of private info or protected health information, and also to halt any more propagation of the data. The steps taken contain providing additional training to workers on the significance of protecting the secrecy of patients and the application of additional computer safety safeguards and protocols to stop the illegal retrieving and exposure of PHI.
No statements have been submitted to indicate any patient’s PHI has been wrongly used; nevertheless, as a protection, all people impacted by the breach have been provided free credit checking facilities for one year. Warnings were mailed to impacted people in April and the occurrence has been made known to the Department of Health and Human Services’ Office for Civil Rights (OCR).