Stay on top of the physical risks that threaten your organization with our Physical Security Breach Roundup. We bring you the most recent physical data breach and drug diversion announcements each month. If you want to learn more about what you can do to minimize the risk of your facility ending up on this list, we can help.
SSM Health St. Mary’s Hospital in Jefferson City, Missouri is the site of a massive paper data breach that impacted 301,000 individuals. St. Mary’s reports that on June 1, they were notified that documents and “other materials containing patient information” were found in an area of the old hospital campus, a site that was being prepped for demolition. The documents included financial, demographic, and/or clinical data, with most instances involving limited information such as a solitary name or medical record number. SSM health reports that they do not feel the incident posed a significant risk to patients, though it does count as a privacy breach under HIPAA.
Ambercare Corporation reported that on May 30, they were notified of the theft of a laptop that exposed the PHI of 2,254 hospice patients. The laptop contained information including names, dates of birth, addresses, diagnostic and clinical information, as well as social security numbers. The laptop was protected by a password, and there is no evidence that the information had been accessed.
While data breaches are common year ‘round, July stood out with 31 security incidents placing 858,411 patients at risk, according to HHS OCR. Two of the largest breaches, impacted providers while the second largest was traced back to a networking breakdown company. Improper disposal topped the list of types of breach with 317,154 patients while unauthorized access/disclosure came in at 245,597.
Paper records tend to get lost in the hospital breach shuffle, but 2018 is teaching us the importance of taking them seriously. As of July, 757,344 paper or film records had been reported as breached. This includes incidents of loss, theft, unauthorized disclosure, and improper disposal. The bulk of the records, 582,174 were a result of a single break-in at the California Department of Developmental Services, reported in April.
As the year rounds out, we’re starting to get a better look at the healthcare breach landscape. Becker’s Hospital Review reports that we’ve seen 229 data breaches that have impacted 6.1 million individuals so far this year. Number two on the list of the largest breaches goes to the California Department of Developmental services mentioned earlier.
Is it time to re-evaluate your data security practices? Senseon’s electronic cabinet locking offerings can be an integral part of any proactive facility’s PHI security initiatives.