University of Miami

University of Miami Health System patients notified about lost records

February 10th, 2014

 

The University of Miami Health System (UHealth) one of Southern Florida’s largest health providers has lost patient records containing protected health information (PHI). It had recently begun to notify about the incident to the patients.

Information on the file contained patient names, dates of birth, physician’s name, insurance company name, medical record name, visited facility, visit number, procedures, diagnostic codes, and Social Security numbers. Uhealth didn’t disclose the number of patients affected.

“Medical records are not at risk, but in an abundance of caution, the University is notifying all individuals whose information was included in the missing records,” a written statement by the Health System mentioned.

In July, an off-site storage vendor was contacted by the Department of Otolaryngology to locate the records but was unable to find it. After confirmation they notified about the lost records. Uhealth is offering credit monitoring services for all the affected patients. It further added as patients were notified after six months of the incident, it is unlikely of misuse in coming days.

Theo Karantsalis, whose son was treated by the department said, “The one thing we expect is that your patient records are going to be kept confidential.”

According to Uhealth’s Statement it will report the incident to HHS. Below is complete excerpt of the report:

“The University of Miami Health System (UHealth) is committed to providing our patients the best possible care and to protecting the confidentiality of our patients’ health information. On June 27, 2013, the Department of Otolaryngology, while attempting to retrieve records stored at an offsite storage vendor, was notified that the vendor was unable to locate the records. After an exhaustive search, it was confirmed on August 28, 2013, that the records were not in the possession of the University or the storage vendor.

Everything we’re giving out is on the release

These records consisted of billing vouchers (documents used for internal billing purposes). Vouchers contain the name, date of birth, social security numbers, physician name, facility, insurance company name, medical record number, visit number, procedure and diagnosis codes for the patient’s visit. Vouchers are documents used for internal billing purposes ONLY. Medical records are not at risk.

At this time, there is no indication that the information has been misused in any way.

In an abundance of caution, the University is notifying all individuals whose information was included in the missing records. The University also is offering potentially affected patients complimentary credit monitoring protection and has established a website to serve as a primary source of information, as well as a toll-free number for additional questions.

Only patients who were seen at the Department of Otolaryngology may potentially be affected by the incident. Potentially affected patients will receive a notification letter.

University computer systems are completely unaffected by this incident. All patient information remains current and available on these systems.

At the University of Miami Health System, we take the privacy and security of our patients’ information very seriously. We continue to review and refine our physical and electronic safeguards to enhance protection of all patient data. We are committed to protecting all information entrusted to us, and pursuant to the Federal HITECH Breach Notification Rule, we will report this incident to the U.S. Department of Health and Human Services.

Available around the clock, the University’s incident website is http://entincident.med.miami.edu. The toll-free incident line, 866-274-4371, is available from 9 a.m. to 9 p.m. EST Monday through Friday and from 11 a.m. to 8 p.m. EST Saturday and Sunday until April 30, 2014.”

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta