One of the recent additions to HHS’s public breach tool was an entry for Graybill Medical Group in California, who reported a breach that affected 1,863 patients.
A notice on their web site explains that on October 20, they notified affected patients whose protected health information was accidentally disclosed when x-ray films slated for secure destruction were mistakenly placed in a dumpster by evening janitorial staff. The x-rays contained patient names, addresses, phone numbers, dates of birth and medical provider identification. They did not contain social security numbers or any other medical information, Graybill notes (although I would think the x-rays themselves contain medical information if they show any abnormalities, etc.).