Polk County Health Services, Inc., in Iowa recently started notifying 1,071 patients seen at the Crisis Observation Center in Des Moines, Iowa between June 1, 2014 and January 11, 2018. According to a statement issued on April 13, Polk County Health Services, Inc. “accidentally and unknowingly disseminated” personal and protected health information for patients seen during that time period. They first became aware of the breach on February 14, 2018.
The information unknowingly disclosed includes: full name, home address, Social Security number, Medicaid identification number, date of admission to the Crisis Observation Center and discharge location. The statement from PCHS indicates that they do not have evidence the information was improperly used.
PCHS’s notification did not explain how the data were accidentally disseminated, nor how PCHS discovered the breach on February 14, 2018. Email requests for clarification to the Executive Director of Polk County Health Services, Inc. and to the Privacy Officer for Polk County Health Department Director have been unanswered as yet. The incident has been reported by PCHS to HHS and appears on HHS’s public breach tool.
You can read the entire notice from PCHS’s web site, below:hipaa-breach-media-notification