DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

MN: Northfield Hospital & Clinics patients notified of breach after PHI accidentally disposed of improperly

Posted on November 25, 2014 by Dissent

From Northfield Hospital & Clinics web site on November 21:

Patients to be notified of breach of patient information

Northfield Hospital & Clinics is in the process of directly notifying 1,778 patients about a recent breach in the handling of protected patient information.

The notification stems from an incident over a period of eight days in late October when documents containing protected health information were comingled in error with other refuse and placed in commercial dumpsters for disposal. The unsecured documents may have included patient names, account numbers, birth dates, home addresses, types of treatment, insurance information, medical information, and, in a few cases, credit card information.

Hospital officials say they are confident the documents went directly to a secured landfill. But out of an abundance of caution, patients are being notified and offered assistance in monitoring their financial accounts.

“We sincerely apologize to our patients for the breach,” said Steve Underdahl, President and CEO of Northfield Hospital & Clinics. “We are committed to being good stewards of protected patient information and honoring our promise of confidentiality. We very much regret that this incident occurred. We are learning from it and are emerging  with more secure protocols.”

Patients involved will receive a letter offering them resources to guard against identity theft. An 800 number will be established for people to call with questions and for help in minimizing their exposure. The number will be published next week on the Northfield Hospital & Clinics website. Northfield Hospital & Clinics is also offering free credit monitoring for a period of twelve months.

As a result of the breach Northfield Hospital & Clinics, steps are underway to further improve the security of operations and eliminate future risk. For instance, desk-side recycling containers have been removed in favor of more secure, centralized confidential waste containers. Staff is being educated on best practices for the handling confidential waste and cleaning personnel will be supervised until further notice.

Underdahl said a very small subset of patients is affected by this breach, but he said an incident like this is always taken seriously.

“We are confident that our patients’ exposure is minimal,” he said. “But we always want to error on the side of caution and do what we can to mitigate the impact of the incident.”

Northfield Hospital & Clinics is an independent, city-owned healthcare organization providing hospital and clinic services to residents of Northfield, Lonsdale, Elko New Market, Lakeville and Farmington.

On November 25, they posted:

Contact number announced for those with breach questions

November 25, 2014

Patients who have concerns or questions regarding Northfield Hospital & Clinics recent breach in the handling of private patient health information can call 1-877-615-3768 for assistance.  Staff will be available to help you take steps to minimize your exposure to identity theft.

Hospital officials are confident that no patient information fell into the hands of outside agents. The paper documents were comingled with other refuse in error. Instead of being shredded, they were sent to a secure landfill.

The hospital is required to report the incident and take remedial action because it potentially affects more than 500 patients. Patients who are potentially affected will be notified by mail yet this week.

Related Posts:

  • GA: Phoebe Putney Hospital notifies 6,777 patients…
  • CA: VA hospital in Long Beach may have improperly…
  • Oregon State Hospital + employee's car +…
  • Data breach at Monroe County Hospital & Clinics…
  • Tennessee Orthopaedic Clinics notifies HHS of…

Post navigation

← Concerns raised over misplaced patient records at UNMCC
FL: Baptist Primary Care: Former employee found with patient information during traffic stop →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • The Untold Story of a Massive Hack at HHS in Covid’s Early Days
  • Records reveal new information about Sweetwater Union High School District ransomware incident
  • HHS’ Office for Civil Rights Settles First Ever Phishing Cyber-Attack Investigation
  • Founder and Majority Owner of Cryptocurrency Exchange Pleads Guilty to Unlicensed Money Transmitting
  • Hackers hit Erris water in stance over Israel
  • Data breach by Addenbrooke’s Hospital reveals patient information
  • Millions of patient scans and health records spilling online thanks to decades-old protocol bug
  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net