DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

FL: Radiology Regional Center Notifies Patients After Paper Records Fell Out of Vendor’s Truck

Posted on February 15, 2016 by Dissent

Radiology Regional Center, PA, a physician-owned and managed diagnostic facility with nine locations in Florida, announced today that on December 19, 2015, Radiology Regional Center was informed by its records disposal vender (sic), Lee County Solid Waste Division (“Lee County”), that, on that same date, paper records containing the personal information of Radiology Regional Center’s patients were released by Lee County on Fowler Street in Fort Myers, Florida.  The records were released while Lee County was transporting the records to be incinerated.  This release is being issued in accordance with guidelines from the Health Insurance Portability and Accountability Act (“HIPAA”).

Impacted patients have already been notified in accordance with HIPAA. To the best of Radiology Regional Center’s knowledge, these records, which date from 2005-2012, may have contained patient names, addresses, phone numbers, social security numbers, dates of birth, health insurance numbers, and other medical status and assessment information as well as financial information gathered in the patient medical and financial records.

As soon as Radiology Regional Center learned of the incident, every effort was made to retrieve the records, including a foot search of the surrounding area by more than a dozen of its employees and physicians.  In an abundance of caution, a second search of the area was conducted by foot on December 21, 2015 and a third was conducted on December 22, 2015.   As a result of its numerous searches, Radiology Regional Center believes that virtually all of the records were retrieved.

While every effort was made to retrieve the lost records, Radiology Regional Center acknowledges that some records may not be retrieved and so has notified potentially affected patients of the incident and presented them with the following steps they can take as precautionary measures.

Radiology Regional Center has advised potentially impacted patients to (1) place a 90 day fraud alert on their credit file, (2) review a free copy of their credit report, and (3) review their explanation of benefits statements.  Radiology Regional Center is also offering potentially affected patients with complimentary credit monitoring services.

Radiology Regional Center is taking this matter very seriously and has conducted a thorough investigation to mitigate the circumstances resulting from this incident and to ensure an incident like this does not happen again.  Any affected patients may call 877-853-3045 for additional information, Monday through Friday, 6:00 a.m. to 6:00 p.m. PST (closed on U.S. observed holidays).

For additional information please visit the FAQs at http://radiologyregional.com/.

SOURCE: Radiology Regional Center

 

The FAQ on their site explains:

This incident resulted from the condition of the container used by Lee County Solid Waste Division to transport the records and the Lee County driver’s failure to properly secure the container door.

 

Related posts:

  • Late notification raises questions about a US Radiology Specialists breach last year
  • Attorney General James Secures $450,000 from US Radiology Specialists for failing to protect patient data
  • Northeast Radiology notifies patients of PACS data security incident
  • NY: Ringleader In Orange County Bank Fraud And Identity-Theft Scheme Convicted
Category: ExposureHealth DataLost or MissingPaperSubcontractorU.S.

Post navigation

← 22,000 dental patients’ info exposed on unsecured Eaglesoft FTP server
Jacksonville law firm victim of ransomware →

6 thoughts on “FL: Radiology Regional Center Notifies Patients After Paper Records Fell Out of Vendor’s Truck”

  1. Nicholas F. Sacca says:
    February 18, 2016 at 6:37 pm

    I am an affected person of this breach and received a letter from the company. Are there any attorneys out their planning a Class Action law suit on behalf of the many victims of this gross negligence?

    1. Donna R says:
      February 22, 2016 at 3:21 pm

      I also received a letter from the Radiology Regional Center on February 16th notifying me of the “potential” breach of my personal information. Their attempt to show their “concern” is to send out on foot more than a dozen employees & physicians on 3 separate days to locate over 400,000 personal documents is a joke! Then they insult our intelligence by claiming “that it is likely that your records were retrieved”. I was infuriated that their letter states that WE need to be “proactive” to take the required steps to ensure that our information is secure. I am a single mother with 2 children who works 40 hours a week. Please tell me when I can take your “proactive” steps to contact credit bureaus, banks, Social Security, IRS, checking/savings accounts, credit cards, explanation of benefits statements, etc. to ensure that my personal information is safe. I can’t even begin to tell you how much this stress & anxiety has impacted my life since receiving their letter. This was a breach of the HIPPA laws and something needs to be done to hold this company accountable!! Has anyone heard of any Class Action suits being filed on our behalf?

  2. Jim W says:
    February 19, 2016 at 8:26 pm

    The ultimate responsibility is Regional Radiology and not Lee County. Why is there not a manifest of items to be destroyed? What about people who are on Tricare military, and the spouse who is the primary, with their SSA number not notified? The CEO ‘s comments are mundane. There are no contact numbers or a list of management to access on the web site. Why? Yes, class action or singular suits must be the answer.

  3. Anonymous says:
    February 22, 2016 at 6:31 pm

    Big deal free credit reporting. I already purchase that through my employer . There must be a class action suit . I was sure told what it was going to cost me if there was a release in error working in Medical Records. Everyone knows the records are to be shredded before leaving the facility they are picking up from.

    1. Dissent says:
      February 22, 2016 at 7:22 pm

      No, everyone does not know that the records are to be shredded before leaving a facility, and there’s no law requiring that. Incineration meets HIPAA’s requirements for disposal, but in this case, the vendor transporting the records screwed up/had an accident. I’ve reported on a number of such incidents over the past decade.

      Keep in mind that there is no private cause of action under HIPAA, and most courts are tossing lawsuits if the plaintiffs cannot demonstrate actual injury/harm or imminent injury/harm. If the center believes it recovered the records, it may be hard to demonstrate injury or harm. Could the Florida Attorney General’s Office go after them? Probably, but again, not every accident or breach will result in successful legal action – and the vast majority don’t.

      I understand the frustration and anger, but a class action lawsuit, while causing legal expenses for the center, is not likely to give the plaintiffs/patients anything really useful.

      You might be better off filing complaints with HHS about the incident if you feel that strongly.

  4. Anonymous says:
    February 23, 2016 at 6:50 am

    keep the cops busy and off the streets file a police report. Once that’s done have a credit card with a decent limit. Then put a credit freeze on all three of the credit reporting agencies. Be warned that places that use your public info may not be able to process new requests (like the IRS for a PIN). Go to Krebs security online, he has all the details.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.