From Florida’s Agency for Health Care Administration, Dec. 21:
HIPAA Notice of Improper Disposal of Protected Health Information.
The Agency for Health Care Administration has determined that certain inspection records which may contain protected health information were improperly disposed of on November 12, 2015. On November 13, 2015, the Agency discovered that old inspection records of health care facilities that had been placed in containers conspicuously marked for shredding inside a secure office suite, had instead been emptied by housekeeping staff into dumpsters for delivery to the landfill. The records may have contained names, birthdates, Medicaid and/or Medicare numbers, and medical conditions of patients of those facilities. If you received services in a nursing home, assisted living facility or home health agency from 2000 to 2007 in Baker, Clay, Duval, Flagler, Nassau, St. Johns or Volusia county, your Protected Health Information may have been compromised. When the Agency identified this breach, we took immediate action to improve our disposal procedures and educate staff on the proper disposal of Protected Health Information. For further information, including steps you may take to protect yourself from potential harm, you may call 1-888-419-3456, press 5 and ask to speak with the PHI Attendant.
Hmm. It doesn’t say anything about even attempting to notify individuals affected. So if you don’t read an agency’s web site, you don’t find out? Medicare and/or Medicaid numbers do not change, and many of those impacted could still be alive and now at risk of medical identity theft. While this may all be unlikely, it’s still a possibility of substantial injury.