DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

MN: Northfield Hospital & Clinics patients notified of breach after PHI accidentally disposed of improperly

Posted on November 25, 2014 by Dissent

From Northfield Hospital & Clinics web site on November 21:

Patients to be notified of breach of patient information

Northfield Hospital & Clinics is in the process of directly notifying 1,778 patients about a recent breach in the handling of protected patient information.

The notification stems from an incident over a period of eight days in late October when documents containing protected health information were comingled in error with other refuse and placed in commercial dumpsters for disposal. The unsecured documents may have included patient names, account numbers, birth dates, home addresses, types of treatment, insurance information, medical information, and, in a few cases, credit card information.

Hospital officials say they are confident the documents went directly to a secured landfill. But out of an abundance of caution, patients are being notified and offered assistance in monitoring their financial accounts.

“We sincerely apologize to our patients for the breach,” said Steve Underdahl, President and CEO of Northfield Hospital & Clinics. “We are committed to being good stewards of protected patient information and honoring our promise of confidentiality. We very much regret that this incident occurred. We are learning from it and are emerging  with more secure protocols.”

Patients involved will receive a letter offering them resources to guard against identity theft. An 800 number will be established for people to call with questions and for help in minimizing their exposure. The number will be published next week on the Northfield Hospital & Clinics website. Northfield Hospital & Clinics is also offering free credit monitoring for a period of twelve months.

As a result of the breach Northfield Hospital & Clinics, steps are underway to further improve the security of operations and eliminate future risk. For instance, desk-side recycling containers have been removed in favor of more secure, centralized confidential waste containers. Staff is being educated on best practices for the handling confidential waste and cleaning personnel will be supervised until further notice.

Underdahl said a very small subset of patients is affected by this breach, but he said an incident like this is always taken seriously.

“We are confident that our patients’ exposure is minimal,” he said. “But we always want to error on the side of caution and do what we can to mitigate the impact of the incident.”

Northfield Hospital & Clinics is an independent, city-owned healthcare organization providing hospital and clinic services to residents of Northfield, Lonsdale, Elko New Market, Lakeville and Farmington.

On November 25, they posted:

Contact number announced for those with breach questions

November 25, 2014

Patients who have concerns or questions regarding Northfield Hospital & Clinics recent breach in the handling of private patient health information can call 1-877-615-3768 for assistance.  Staff will be available to help you take steps to minimize your exposure to identity theft.

Hospital officials are confident that no patient information fell into the hands of outside agents. The paper documents were comingled with other refuse in error. Instead of being shredded, they were sent to a secure landfill.

The hospital is required to report the incident and take remedial action because it potentially affects more than 500 patients. Patients who are potentially affected will be notified by mail yet this week.

Category: Uncategorized

Post navigation

← Concerns raised over misplaced patient records at UNMCC
FL: Baptist Primary Care: Former employee found with patient information during traffic stop →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them
  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware
  • Developments surrounding data breach at Dutch police
  • Estonia launches international search for Moroccan citizen wanted over data theft
  • Now it’s Tiffany: Another LVMH luxury brand hit by hackers
  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.