Statement from Jackson Health System in Florida:
Jackson Health System has conducted an internal investigation regarding several boxes of medical records that are unaccounted for and/or are missing from Jackson Health System Health Information Management (HIM) department.
Those 1,407 patients whose personal information was accessed have been notified and offered free credit card fraud protection. However, there was no breach of the most sensitive information, such as Social Security numbers, credit card numbers or financial statements.
After learning of this breach, a cross-departmental team performed a review and instituted a corrective action plan that includes additional training and the installation of security cameras throughout the HIM areas.
The safety and security of all Jackson Health System patients is a top priority. Any allegations about a breach in security and privacy are taken extremely seriously.
Jackson is committed to patient confidentiality and strictly adheres to all federal and state patient privacy laws. In order to protect our patients’ rights and private information, we enforce strict rules for those who handle patient information and continually educate all employees on privacy regulations.
In its coverage of this incident, the South Florida Business Journal reports that the breach was discovered by an internal investigation, but that’s not clear from Jackson’s statement. The Miami Herald reports that the boxes have been missing since January and that the records, which might include diagnoses, surgical procedures, and other healthcare data, were either on their way to be scanned electronically or returning from the process. Their coverage also includes some details of the corrective action plan.