A story over at Gov Info Security details a recent HIPAA breach involving paper-based records that were dumped on a city street on the way to be disposed.
“During transport, a small quantity of records were released on Fowler Street in Fort Myers, Florida,” the statement says. “This incident resulted from the condition of the container used by Lee County Solid Waste Division to transport the records and the Lee County driver’s failure to properly secure the container door.”
The Covered Entity, Radiology Regional Center is now facing a very large data breach of 483,000 individuals.
Radiology Regional Center, Fort Myers, Fla., on Feb. 12 reported the breach to the U.S. Department of Health and Human Services and is notifying more than 483,000 individuals.
This case is a perfect example of why it is still important to protect paper-based patient records. A lot of attention is on electronic patient records but healthcare organizations still maintain paper-based patient records that need to be protected.
The other important lesson here is that Covered Entities need to be very concerned with their Business Associates. In this case, a mistake by a Business Associate has resulted in a very large HIPAA breach that will have financial and reputation harm to the Covered Entity.