The HHS breach tool has added three new incidents:
Indiana Regional Medical Center in Pennsylvania reported that 1388 patients were notified of a September 28, 2010 incident involving the theft of paper records. The incident had been reported in the media earlier this month. The Indiana Gazette reported:
Indiana Regional Medical Center has put more than 500 patients on notice that hospital records pertaining to them may have been compromised. However, patients’ personal information is not at risk, the hospital said.
Hospital spokesman Mark Richards said most of the records were a variety of paperwork reporting what he called “benign” administrative information produced on a day-to-day basis, such as bed rosters. In three or four instances, though, the records included some medical information — but not detailed medical histories — about patients, he said.
But he said the information was not intended to be used for illegal purposes. “It’s nothing anyone should be concerned about,” he said.
The hospital said a former employee took the records when she left the hospital in September 2010 and had planned to use them as evidence in a legal dispute with a physician.
Read more in The Indiana Gazette.
In other newly added incidents:
MMM Healthcare, Inc. in Puerto Rico reported that 29,143 patients had protected health information on a computer that was stolen March 8th.
PMC Medicare Choice in Puerto Rico reported that 22,568 patients had protected health information on a computer that was stolen March 8th.
Both MMM Healthcare and PMC Medicare Choice rang a bell, and it appears that they also filed breach reports with HHS last year that I had reported on this blog.
PMC Medicare Choice
State: New York
Business Associate Involved: MSO of Puerto Rico
Approx. # of Individuals Affected: 605
Date of Breach: 2/04/10
Type of Breach: Other
Location of Breached Information: Paper RecordsMMM Health Care Inc.
State: New York
Business Associate Involved: MSO of Puerto Rico, Inc.
Approx. # of Individuals Affected: 1,907
Date of Breach: 2/04/10
Type of Breach: Other
Location of Breached Information: Paper Records
I don’t know if they share one office/location, but it seems every time one of them reports a breach, the other reports one, too, although one of the incidents was New York and the other Puerto Rico.