According to its web site, Prima CARE, P.C. is a large, multi-specialty medical group serving southeastern New England. Also according to their web site, a former employee improperly discarded binders with protected health information.
A notice linked from their home page explains:
Prima CARE has Recovered Documents Containing Patient Information
On June 4, 2015, Prima CARE was notified that two binders containing miscellaneous information related to patients treated by our health care providers between 2007 and 2012 were found on May 25, 2015 in the bushes near a parking lot at Dave’s Beach on Jefferson Street in Fall River. The following categories of information were included in the recovered documents: names, addresses, phone numbers, dates of birth, medical record numbers, hospital account numbers, insurance numbers, treatment date(s) and certain clinical information. One individual’s full social security number was included. There were various types of documents included in the binders and, therefore, no affected individual had every category of information identified. The binders were promptly returned after being discovered and are now safely in Prima CARE’s possession. An investigation determined that the binders were created by a former Prima CARE employee who used the information to track work performance, but had failed to appropriately file or discard the documents following their use. This was done without Prima CARE’s knowledge or consent, and in violation of our practices.
We take the privacy and security of our patients’ information seriously and have taken steps to mitigate the potential for any harm to result from this incident and to prevent a similar event from occurring in the future. We sent notification letters by first class mail to all affected individuals for whom Prima CARE has up-to-date contact information, offered complimentary credit monitoring services where appropriate, and notified prominent media outlets that are likely to reach our patients. We are also reviewing our policies and procedures and employee training programs and will make any changes that are appropriate in order to prevent a similar incident from occurring in the future.
If you did not receive a notification letter from Prima CARE and would like to determine whether your information was involved, please contact us toll free at (855) 804-4399 or email [email protected].
On July 29, Prima CARE submitted a breach report on the incident to HHS. Their report indicated that 1,651 patients had information in the binders.