Here’s one that you won’t see on HHS’s breach tool because it affected fewer than 500 patients:
Emmorton Associates (Emmorton Psych/Emmorton Treatment Services) in Abingdon, Maryland discovered that a counselor’s locked office file cabinet had been broken into sometime between December 10 and December 21. The files on 75 patients included their full names, date of birth, Social Security numbers, addresses and telephone numbers, diagnosis, treatment information, emergency contact information, and insurance information.
HHS was notified of the breach on December 27, and affected clients were notified by letter in January. Their report does not indicate that any patient files were actually stolen, but of course, they would have no way of really knowing whether any of the files were read by the individual who broke into the files.
Their report to the Maryland Attorney General’s office does not indicate whether the access to the counselor’s office was just unauthorized (but the office unlocked) or if the office itself – and not just the file cabinet- was locked.