During the last 2 months, there were many data breaches informed by HIPAA-protected units involving the theft or loss of physical files. During November, 7 breaches involving paper files were informed to the OCR of HHS, and an additional 5 cases were informed the earlier month.
Now one more case has been informed in Illinois. Franciscan Doctor Association of Illinois, as well as Subject Doctors of Illinois LLC, have found payment files which were preserved in a storing service are lost. The storing service in Chicago Heights was used by both doctor groups.
The theft/loss of the physical files are among the biggest breaches of the last few months, possibly affecting about 22,000 patients. The payment files were from 2010 and 2015-2017.
The cartons of records were verified as lost on November 21, 2017, with notices delivered on December 13, 2017. The missing of files was known after a normal request for records, however, the records couldn’t be found. A stock of the storing service was carried out, and 40 cartons of files were found to be lost and possibly thieved.
The files only had a partial volume of patient information linked to payments gotten, and contained names and addresses, payment amounts, office location, payment methods, and the last 4 numerals of credit card numbers. For a partial quantity of sick persons who paid their bills through check, their bank account number, routing number, as well as Social Security number were available in the records.
A few of the files from 2010 might also have contained procedure codes, descriptions of services provided, dates of service, provider names and addresses, diagnoses, kind of visit, dates of birth, facility-assigned account numbers, and insurance ID numbers.
Although it’s a probability that the records have been thieved, foul play isn’t doubted. Out of a profusion of care, people affected by the case have been provided 2 years of identity thievery safety facilities free of charge.