Aleksandra Kostantinovic reports that an employee clearing out his belongs accidentally loaded patient records into his car, but contacted the hospital immediately when he realized what had happened:
The hospital records of approximately 6,500 patients were removed without authorization from the premises of Tri-City Medical Center in Oceanside on Aug. 8, the hospital announced.
A former employee took logs from the Emergency Department of patients who had been admitted to the hospital or transferred to other facilities between Dec. 1, 2013 and May 13, 2014. The records included: patients’ names, dates of birth, admitting physician, medical record number, diagnosis and admit date and time. The records, however, did not include Social Security numbers or financial information.
Read more on Times of San Diego.
Update: The following information was posted to Tri-City’s web site:
- Disclosure (pdf)
- Press Release (pdf)
- FAQ’s (pdf)
Update 2: When this breach was reported to HHS, it was reported as affecting 500 patients and coded as “theft.”