Another HIPAA violation brings to light the importance of selecting a reliable document destruction vendor. Texas Health Harris Methodist Fort Worth had to notify 277,000 patients of a HIPAA breach due to patient microfilms being found in public locations.
The Texas hospital contracted with a Toronto-based shredding company to destroy the microfilms that contained patient information. Instead of destroying all the documents, a few of the films were found in a nearby park. The microfiche contained name, address, date of birth, clinical information and in Social Security Number.
Employers should be advised to monitor their document destruction vendors and receive assurances that all information was disposed properly.
