There’s a follow-up to a breach that was first disclosed by CBS in Chicago in February. The incident, involving patients of Suburban Lung Associates, was reported to HHS in April as affecting 2,984 patients. The following is the press release from Attorney General Lisa Madigan’s office:
Chicago — Attorney General Lisa Madigan today filed a lawsuit against a Chicago area document storage company for exposing thousands of patient medical records that contained names, dates of birth, social security numbers and other sensitive personal information.
Madigan’s lawsuit was filed Tuesday in Cook County Circuit Court alleging FileFax Inc. failed to protect sensitive patient information after hundreds of files containing complete medical records were discovered discarded in a dumpster outside of its Northbrook office.
“This company brazenly violated the law and jeopardized the personal information and privacy of thousands of Illinois residents,” Attorney General Madigan said.
The records belonged to patients of Suburban Lung Associates, which operates in numerous north and northwest suburban Chicago locations. Suburban Lung Associates contracted with FileFax to maintain and destroy patient medical records.
The lawsuit alleges FileFax failed to provide safe, secure and proper collection, retention, storage and destruction of Suburban Lung records. In some instances, the lawsuit alleges, FileFax disposed of Suburban Lung records in an unlocked garbage dumpster outside of its facility that was accessible to the public.
The lawsuit alleges violations of the state’s Personal Information Protection Act, which ensures consumers’ personal information is protected in Illinois, and the state’s Consumer Fraud and Deceptive Business Practices Act.
Assistant Attorneys General Matthew Van Hise and Yangsu Kim are handling the case for Madigan’s Consumer Fraud Bureau.
SOURCE: Attorney General Lisa Madigan
Update/Note: Filefax reportedly works for numerous medical facilities including Suburban Lung Associates, which is affiliated with Alexian Brothers Medical Center, Central DuPage Hospital, St. Alexius Medical Center, Edward Hospital, Northwest Community Hospital and Lutheran General Hospital.