Anesthesia Associates of Kansas City notifies 3,472 patients after surgery schedules stolen from nurse anesthetist’s car
The notice on their web site:
Notice to Our Patients of Recent Privacy Incident
Anesthesia Associates of Kansas City is committed to protecting the confidentiality and security of our patients’ information. Regrettably, this notice is to inform our patients of an incident involving some of that information.
On December 16, 2018, we learned from an AAKC-employed nurse anesthetist that his bag, containing surgery schedules with patient information, was stolen from his vehicle on December 14, 2018. The theft was reported to law enforcement but the bag and contents have not been recovered. We immediately began an investigation and determined that the patient schedules may have included some patients’ names, dates of birth, types of surgery, dates of surgery, and the name of the patients’ surgeon. Patient addresses, social security numbers, insurance and financial information were not included on the schedules.
This incident did not affect all our patients. The bag only contained a few surgery schedules but we could not specifically determine exactly which schedules were included. In an abundance of caution, we notified certain patients who underwent surgeries from April 4, 2018 to December 14, 2018.
We have no indication that any patient information has been misused in any way; however, we mailed letters to affected patients on February 1, 2019. If you believe you are affected and do not receive a letter by March 1, 2019, please call 1-877-363-7799, Monday through Friday, between 8:00 a.m. and 8:00 p.m., Central Time. We also recommend that affected patients review the statements they receive from their healthcare providers. If they see services they did not receive, please contact the healthcare provider immediately.
We deeply regret any inconvenience or concern this incident may cause our patients. To help prevent something like this from happening in the future, we have reinforced our policy prohibiting the non-essential removal of patient information from the facility and implemented new requirements designed to safeguard patient data if there is a necessary reason to take information out of the facility.