NYU Langone Medical Center's Hospital for Joint Diseases Notifies Patients Of Potential Data Breach

Another potential breach at NYU Langone Medical Center, it seems.  From their notice, posted August 22:

NYU Langone Medical Center’s Hospital for Joint Diseases (HJD) notified patients that documents containing limited personal information were mistakenly discarded, compacted and buried in a landfill outside of New York State. The documents consisted of paper tracking records of tissue used in orthopaedic surgeries performed at HJD in 2009 and 2010 involving approximately 2,600 patients, and did not contain financial information or social security numbers. There is no indication of adverse use of patient information.

The discarded documents contained patient name, date of birth, gender, name of the hospital, date of the surgery, and clinical information related to the surgery.  In some documents related to surgeries performed in 2010, patient name and date of birth were not included.

All patients for whom the medical center has a current address have been notified of this issue by first class mail, as required by the federal Health Information Technology for Economic and Clinical Health Act (HITECH Act).

NYU Langone Medical Center is committed to protecting the privacy and security of its patients’ medical information. Since this incident the medical center has taken affirmative steps and put in place additional security measures to ensure that document losses such as this do not reoccur.

The NYU Langone Medical Center’s Office of Compliance has set up a dedicated telephone line to address patients’ questions and concerns regarding this issue at 1-877-698-2333, Monday-Friday between the hours of 9:00 a.m. and 5:00 p.m.

According to HHS’s breach tool, the incident occurred on June 23.  HHS’s entry indicates 1,600 patients, however, not 2,600 as mentioned above, so I’m not sure which is the more current/accurate number.

About the author: Dissent

Comments are closed.