DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Notice Regarding Missing X-Rays for El Centro Regional Medical Center Patients

Posted on May 15, 2013 by Dissent

Could this breach be related to the one recently disclosed by Raleigh Orthopaedic Clinic? There are some obvious similarities, but neither entity names the third party vendor.

The May 13 press release from ECRMC:

EL CENTRO, Calif., May 13, 2013 (BUSINESS WIRE) — On March 22, 2013, El Centro Regional Medical Center (ECRMC) was notified that x-rays ECRMC had provided to a trusted vendor for digitization and destruction were missing from a storage warehouse and may not have been properly destroyed. ECRMC immediately began a thorough internal investigation to determine what happened to the x-rays, but has been unable to find the missing x-rays. ECRMC has also not been able to make contact with the vendor. The radiology films and records are for dates of service prior to February 2011. As a precaution, ECRMC began sending letters to affected patients on May 7 to let them know this occurred.

ECRMC has no information that any of these documents were improperly viewed or accessed, or that any of the information in the documents has been misused in any way. To make sure our patients are protected, ECRMC is urging eligible patients who may be affected to use the resources the hospital is providing to check their credit and sign up for free credit monitoring.

The missing documents include patients’ x-rays, paper jackets containing the films, and sometimes written interpretations. The information involved may include patient names, dates of birth, addresses, medical record numbers, ECRMC account numbers, physicians’ names, diagnoses, radiology procedures, radiology interpretations, health insurance numbers, and in some instances Social Security numbers.

ECRMC no longer does business with the vendor. ECRMC has set up a call center for patients who have questions and has posted this information on its website at http://www.ecrmc.org/news-&-updates/&/view/event/id/118/.

ECRMC deeply regrets any concerns this may cause its patients. To help prevent something like this from happening again, ECRMC implemented additional security measures to further protect us and our patients against unlawful individuals, including the investment in a program that assists in the credentialing of vendors and their representatives.

SOURCE: El Centro Regional Medical Center

The substitute notice linked from their home page:

El Centro Regional Medical Center (“El Centro”) is committed to protecting the privacy and security of the information we maintain on behalf of our patients. Regrettably, this notice concerns some of that information.

On March 22, 2013, law enforcement notified El Centro that x-rays we had provided to a trusted vendor for digitization and destruction were missing from a storage warehouse and may not have been properly destroyed. We immediately began a thorough internal investigation to determine what happened to the x-rays, but we have been unable to find the missing x-rays and have not been able to make contact with the vendor. The missing documents include patients’ x-rays, paper jackets containing the films, and sometimes a written interpretation. The information involved may include patient names, dates of birth, addresses, medical record numbers, El Centro account numbers, physicians’ names, diagnoses, radiology procedures, radiology interpretations, health insurance numbers, and in some instances Social Security numbers. We no longer do business with the vendor.

We have no information that any of these documents were viewed or improperly accessed, or that any of the information in the documents has been misused in any way.

We deeply regret any inconvenience this may cause you. To help prevent something like this from happening again, we are conducting a comprehensive internal review of our information security practices and procedures. We began sending letters to affected patients on May 7, 2013. If you believe you are affected but do not receive a letter by May 28, 2013, you may call toll-free 1-877-509-8356 Monday through Friday from 6:00 a.m. to 4:00 p.m. Pacific time.

Related posts:

  • Late notification raises questions about a US Radiology Specialists breach last year
  • Attorney General James Secures $450,000 from US Radiology Specialists for failing to protect patient data
  • How many were affected by ADPI-Intermedix breach: help track this breach
  • Northeast Radiology notifies patients of PACS data security incident
Category: Health Data

Post navigation

← Unions eye medical privacy violation
South Bend dentist office faced with computer security breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.