The breach potentially impacted 2,859 Saint Thomas patients, the organization said in an online statement.
Hospital documents belonging to Saint Thomas Rutherford Hospital were found along a remote, rural road in DeKalb County.
The misplaced documents contained information including patient names, dates of birth, admitting diagnoses, account numbers, and physician name.
However, an investigation into the incident revealed the documents did not contain any patient Social Security numbers or patient medical records.
READ MORE: Airway Oxygen Ransomware Attack May Affect PHI of 500K
The reports contained a small sample of patient census logs taken throughout 2009 and 2010.
Presently, investigators have not revealed the identity or identities of individuals responsible for the incident.
“Protecting the privacy of our patient’s information is always a top priority for us at Saint Thomas Health and Ascension,” said Corporate Responsibility Officer and Corporate Privacy Officer of Saint Thomas Health Cynthia Figaro. “Once we were made aware of this breach, we immediately investigated the incident to ensure that no further disclosures were made. Based on our investigation, we do not believe that there is a financial risk to our patients. We sincerely apologize for this incident.”
Saint Thomas has notified potentially impacted patients and hired a vendor to ensure all storage files are secure and accounted for before being destroyed.
The health system has also set up a call center to answer any questions concerned patients may have regarding the safety of their information.
READ MORE: Improper Disposal Creates PHI Security Concern for 1.8K
Potential ransomware infection hits Cleveland medical center, encrypts PHI
On April 21, 2017, Cleveland Medical Associates found that its computer network had potentially been infected by ransomware the previous night.
While information on the computer had been encrypted and locked, Cleveland Medical said in a statement posted to its website that no evidence exists to suggest patient data has been compromised.
Additionally, the ransomware infection has not impacted the medical center’s ability to care for its patients.
In response to the incident, Cleveland Medical implemented a new medical records system and analyzed its security procedures in an effort to avoid similar incidents in the future. The medical center also hired a forensic…
Click here to read more