TRENDING:

$50,000 Fine in Records Dumping Case

Information on 757 patients found in a dumpster Howard Anderson (ismg_editor) • May 24, 2010    
$50,000 Fine in Records Dumping Case
A North Carolina urgent care center has paid a $50,000 settlement because its patient information was disposed of in a dumpster last year in violation of state law.

The four boxes of patient records from Prompt Med in Greensboro contained personal information on 757 individuals, according to State Attorney General Roy Cooper. The files included names, addresses, dates of birth, Social Security numbers, drivers' license numbers, insurance account numbers as well as personal health information.

The case predates the effective date of the HITECH breach notification rule , which requires notification of federal authorities for major breaches. The attorney general pursued penalties under a 2005 North Carolina law that requires businesses to destroy or shred disposed documents that contain personal identifying information.

In commenting on the incident last year, Prompt Med said a vendor hired to transfer records to a storage facility improperly disposed of them. The urgent care center terminated its contract with the vendor.

The North Carolina attorney general reported it's investigating several other cases involving improper disposal of documents, including one at a doctor's office in Roanoke Rapids.

Previous
FISMA Reform Bill Clears House Committee
Next
Gates Defines Military Cyber Command's Role

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.



Around the Network

Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.