A substitute notice by Dr. Robert Witham, M.D., F.A.C.P.:
The medical office of Dr. Robert Witham, M.D., F.A.C.P. was burglarized on April 16, 2012. Two computers containing patient information, office and medical equipment and various personal belongings of Dr. Witham were stolen. Port Angeles Police were notified and are conducting their investigations. An independent investigation has concluded that unauthorized use of patient and billing data is unlikely. All affected patient notification letters were mailed on June 7, 2012.
An investigation conducted by an independent security company revealed that personal information, including patient name, address, Social Security number, office amount charges, ICD-9 diagnosis codes and date of birth were in the records on the computers. All paper billing records and charts containing health information, labs, x-rays or communications with other health care providers were not affected by this incident.
Dr. Witham is a practicing physician since 1979 and recently resumed regular office hours in Port Angeles. As a result of this incident, Dr. Witham has implemented security procedural changes including encrypting patient data to meet current federal standards. Patients not seen for more than 5 years will have data removed from the billing program. In addition to procedural changes, Dr. Witham has contracted with ID Experts® to provide the affected individuals with a FraudStop™ Healthcare Edition membership and a toll-free number to answer questions about this incident. Patients with questions regarding this incident or to determine if they were affected can contact ID Experts at 1-866-841-7869.
This press release is in accordance with the Health Information Technology for Economic and Clinical Health (HITECH) Act. Robert Witham, M.D., F.A.C.P. has sent notification letters to the affected patients and the Department of Health and Human Services (HHS).
The incident has not been posted to HHS’s breach tool as of the time of this posting, so it’s not clear how many patients were affected.
Update: The breach was reported to HHS as affecting 11,136.