277K impacted in Texas breach--largest ever?
Texas Health Harris Methodist Fort Worth is notifying some 277,000 patients that their protected health information has been compromised after hospital microfilms, which were supposed to be destroyed, were found in various public locations. This marks the biggest HIPAA privacy breach of 2013, if not the largest to date.
According to reports, Texas Health Fort Worth had contracted with Toronto-based Shred-it to destroy the confidential patient information, but the microfilms were not actually destroyed, as directed in the contract. Instead, a local resident found a portion of the microfiche in a nearby park in May. Additionally, three other sheets of microfiche were found in two other public areas.
The records on the microfiche contained patient names, addresses, dates of birth, medical record numbers, clinical information, health insurance information and some Social Security numbers.
According to a Texas Health website notice, Shred-it assured the hospital it had disposed of the microfiche remaining in its possession.
The microfiche included Texas Health Fort Worth patients seen between 1980 and 1990, according to reports. Patient notification letters were mailed out starting July 11.
According to the notice, the entire Texas health System has changed document destruction vendors.
This is the third signficant data breach for a Texas Health Resources hospital, according to data from the Department of Health and Human Services.
Editor
Editor Beth earned a bachelor’s degree in journalism and master’s in health communication. She has worked in hospital, academic and publishing settings over the past 20 years. Beth joined TriMed in 2005, as editor of CMIO and Clinical Innovation + Technology. When not covering all things related to health IT, she spends time with her husband and three children.