Stolen logbook and data breach

June 8th, 2016 by admin Leave a reply »

A physician’s logbook was stolen from a personal vehicle which caused a possible healthcare data breach. According to the reports, approximately 1,000 individuals were affected by the incident. The logbook consists of entires of Carondelet St. Mary’s and St. Joseph’s emergency rooms between October 14, 2015 and March 25, 2015. Affected information included names, dates of birth, ages, genders, hospital names, dates of hospital visits, hospital medical record numbers, hospital identification numbers, and descriptions of medical issues.

The incident didn’t violate the HIPAA rules as physician took the logbook out of the hospital and left it in her person vehicle. But it is not recommended practice.

Trish Markus, a North Carolina-based health-care attorney who focuses on data privacy and security said, “On the bright side, the compromised patient data did not involve Social Security numbers or payment information, making it less likely the patients involved will suffer adverse effects financially. But with details such as the patient’s name, date of birth and medical record number, the thief could attempt to pose as a patient by assuming his or her “medical identity.”

Arizona-based Emergency Medicine Associates published a statement about the possible healthcare data breach. Facility provides ER staffing coverage for the affected emergency departments and Carondelet Health Network deferred all questions to the staffing company.The incident did not involve Carondelet staff.

“The loss of (the logbook), other than the fact that it contains patient information, is probably less problematic for the emergency group from a business standpoint,” she said. “But from a reputational standpoint, obviously it’s never good when you have something like this happen.”

“EMA [Emergency Medicine Associates] takes safeguarding the privacy of its patients’ personal information very seriously,” said Privacy Officer for Emergency Medicine Associates Lori Levine, DO, FACEP, in a news release. “In response to this theft, EMA has reviewed and revised its policies regarding logbooks and provided additional training to its physicians so that incidents like this can be prevented from occurring in the future.”

Additional HIPAA training was conducted and all affected individuals of the potential healthcare data breach were notified.

————————————————————————————————————————————————————-

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Leave a Reply