DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Allina Health Isles Clinic notifies more than 6,000 patients of improper disposal of their records

Posted on December 24, 2015 by Dissent

First, the notice from Allina Health in Minnesota:

This notice concerns a privacy situation that occurred at the Allina Health Isles Clinic, located at 2800 Hennepin Avenue, Minneapolis, MN 55408.

On October 27, 2015, Allina Health discovered that in limited circumstances, containers which may have had documents with patient information were being emptied into a private trash dumpster instead of secure shredding bins.

Allina’s investigation determined that this may have been occurring since April 6, 2015. These documents may have included patient information, including names, dates of birth, medical record numbers, addresses, clinical information, the last four digits of social security numbers, and insurance information such as plan number (including social security numbers for individuals whose health insurance identification number is their social security number).

Allina Health is committed to protecting the privacy and security of its patients’ information. At this time, there is no indication that any Isles Clinic patient’s personal information has been misused in any way and Allina Health believes the risk is very low that any unauthorized person saw any of this information or used it inappropriately.

Nevertheless, Allina Health has mailed letters to all patients who had appointments at or were referred to the Allina Health Isles Clinic between April 6 and October 28, 2015. The letter explains the situation and offers one year of free credit monitoring/identity protection services to patients potentially affected by this situation.

Patients who wish to enroll in the credit monitoring/identity protection service or who have other questions should call toll-free 1-855-559-9708 from 8:00 a.m. to 6:00 p.m. (Central Time) Monday – Friday. (The call center will be closed on December 25 and January 1.)

Upon discovering the situation, Allina Health promptly initiated an investigation and determined that the trash dumpster was located in a locked garage only accessible to individuals with authorized access. The trash from the dumpster is picked up weekly and taken to a city-owned disposal center where it is eventually incinerated.

To address the situation, Allina Health has replaced the containers at the Isles Clinic with containers clearly marked for shredding and retrained clinic staff to dispose of documents containing identifiable patient information into designated locked shredding containers daily.

Allina Health recommends that patients regularly review statements from their accounts and periodically obtain a credit report from one or more of the national credit reporting companies.

A credit report may be obtained once every 12 months by either:

  • visiting  http://www.annualcreditreport.com,
  • calling toll free at 1-877-322-8228, or
  • by completing an Annual Credit Report Request Form (found at http://www.ftc.gov/bcp/menus/consumer/credit/rights.shtm) and mailing it to:
    • Annual Credit Report Request Service
      P.O. Box 105281
      Atlanta, GA 30348-5281

Information about identity theft, credit monitoring, and how to keep information secure is available at http://www.consumer.ftc.gov/topics/identity-theft.

Again, there is no indication that any Isles Clinic patient’s personal information has been misused in any way as a result of this situation.

Allina Health takes the confidentiality of our patients’ information very seriously and will continue to work to ensure that a similar situation does not occur in the future.

Contact us

Allina Health takes the confidentiality of our patients’ information very seriously and will continue to work to ensure that a similar incident does not occur in the future.

If there is anything we can do to assist you or if you have additional questions, please call us at 1-855-559-9708.

Christopher Snowbeck of the Star Tribune reports that more than 6,000 patients are being notified.

This is not the first report this week involving thousands of patients’ records having been improperly disposed. See also the Florida Agency for Healthcare Administration incident.

Nor is this the first time Allina Health has appeared on this blog for a breach.  See this report from 2011, this one from 2013.

Related posts:

  • MN: Apple Valley Clinic notifies 157,939 patients about Netgain Technology breach
  • Allina Health notifies Minneapolis Heart Institute patients of data breach
  • Notice for Allina Health patients regarding privacy incident
Category: ExposureHealth DataPaperU.S.

Post navigation

← Dumont hospital employees shocked Dr. Fernando Rojas returning to work
Physicians Health Plan of Northern Indiana notifies Indigo members whose billing statements were erroneously sent to others →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.