Dave Savini reports:
A massive breach of medical records containing confidential personal information has prompted both federal and state investigations. It all started when CBS 2 Investigator Dave Savini got a tip about what a dumpster diver found in the trash.
Suburban Lung Associates has numerous offices affiliated with major hospitals. Charts belonging to their patients were just tossed in a dumpster.
[…]
Filefax, a Northbrook company, stores and moves hospital records. CBS 2 found the company dumpster filled with medical records that should have been shredded or disposed of in a manner to protect patient privacy. There were even medical records left in a parked company car which could easily be read by anyone walking nearby.
CBS obtained a statement from Suburban Lung Associates:
Suburban Lung Associates takes the privacy and security of our patients’ records very seriously.
Upon learning that some information about previous patients may have been compromised as a result of actions by a third-party vendor, we immediately began an active investigation. We are working cooperatively with law enforcement to assess the situation.
Based on what we know now, we believe this is an isolated incident involving patient records from 2004. We deeply regret these circumstances and are committed to keeping patients informed.
Suburban Lung Associates, like many healthcare providers, relies on reputable third-party vendors to retain and, when appropriate, securely destroy patient records. Suburban Lung Associates’ policy with the vendor involved in this situation specifically mandates that all records be destroyed before they are discarded. We are investigating what may have occurred in this instance and are taking further steps to prevent a recurrence.”
Read more on CBS Chicago.