Family Medicine East, Chartered in Wichita notifies patients of stolen computer

KWCH reports:

A Wichita medical clinic says a computer containing patient information was stolen in December.

Family Medicine East, Chartered, 1709 S. Rock Road, sent a letter to patients on Friday. The clinic says someone broke into the office on Dec. 8 and stole the desktop computer and a printer.

Read more on KWCH.

FME has posted a notice on their web site about what they described as a breach affecting “a large number of patients.” The Wichita Eagle reports that approximately 6,800 are affected:

On December 8, 2016, an unknown person broke an exterior window to gain entrance to the locked offices of Family Medicine East, Chartered, 1709 S. Rock Road in Wichita. The intruder took a desktop computer and printer. The incident occurred shortly before 5:00 a.m. Police were promptly notified but have not to date apprehended the thief, nor have they recovered the stolen computer or printer.

An examination of files backed up from the computer revealed that a significant number contained images of typed office notes dictated by Family Medicine East physicians during 2002 and 2003. The notes document many of the patient appointments that took place during those years. They included the name of the patient, the patient’s date of birth, the date of the appointment and the name or initials of the physician or PA who saw the patient on that date. Most of the notes also describe the patient’s condition at the time of the examination and the physician or PA’s findings, diagnosis and orders.

A small number of files also contain letters regarding specifically-identified patients. Most of the letters were written to other physicians regarding the referral of a Family Medicine East patient to the recipient. The letters also identify specific patients by name and include information regarding their medical condition.

The notes and letters do not include or identify the patient’s address or social security number. They were typed by transcriptionists engaged for that purpose in 2002 and 2003. The files remained on the computer that was stolen as a result of an employee’s oversight, and were not detected during a number of risk analyses undertaken prior to the theft, as part of efforts to secure all individually identifiable health information.

The information on the stolen computer was not encrypted. Because the typed office notes and letters do not include patient addresses or social security numbers, it is hoped that the risk of the information being misused is low. Nevertheless, patients who saw a physician or PA at Family Medicine East in 2002 and 2003 are strongly encouraged to take steps to eliminate or minimize potential harm that could be caused by the theft. This includes, but is not limited to, obtaining credit reports from one or more of the major credit reporting agencies, and monitoring financial and baking accounts for unauthorized activities.

By law, consumers may request a free copy of their credit report once every 12 months from each of the three major credit reporting agencies — Equifax, Experian and TransUnion. These agencies have established a website that patients can use to order a free credit report. The free report can be requested online at www.annualcreditreport.com, by telephone at 1-877-322-8228, or by mail addressed to Annual Credit Report Service, P.O. Box 105281, Atlanta, Georgia 30348-5281.

Patients concluding that they wish to place a fraud alert on their credit report should contact one of the credit reporting agencies to make such a request. They can be reached as noted below. As soon as one credit bureau confirms a patient’s request for a fraud alert, the other two credit bureaus should be automatically notified so as to cause a fraud alert to be included in their records with respect to the patient’s credit report, as well.

Equifax: 888-766-0008; www.equifax.com; PO Box 740241, Atlanta, GA 30374-0241

Experian: 888-397-3742; www.experian.com; PO Box 9532; Allen, TX 75013

TransUnion: 800-680-7289; www.transunion.com; PO Box 2000, Chester, PA 19016

Family Medicine East has agreed to make credit report monitoring services available to patients identified in the typed records stored on the stolen computer, at no cost to the patient. For further information or to determine eligibility, patients may contact Family Medicine East toll free at 844-883-2188 or at 316-689-6607.

While Family Medicine East hopes to recover the stolen computer, this may not be possible. As part of its ongoing effort to prevent breaches of protected health information, Family Medicine East began the process of encrypting health information stored on laptop computers used by the doctors, PAs and nurses for patient care some time ago. The burglary and theft did not result in any breach of the group’s electronic medical records system, which has been in use since September, 2007; however, in the hope of reducing the risk for potential harm in the future, Family Medicine East has now completed the process of encrypting all protected health information on computers, and has taken other steps to strengthen the security of its information systems since the break-in.

For further information, please contact the special information line at Family Medicine East by calling the toll-free number 844-883-2188 or 316-689-6607, or email at [email protected]

About the author: Dissent