Oakland, Calif.-based Kaiser Permanente is being investigated by state and federal officials for potentially violating patient privacy by failing to safeguard confidential patient records when storing files with an independent filing security company, according to an LA Times report.
In 2008, Sure File Filing Systems owners Stephan and Liza Dean were given the responsibility of storing and organizing old patient files from Moreno Valley (Calif.) Community Hospital shortly after it was acquired by Kaiser. However, no contract for the work was signed. According to the report, the couple stored nearly 300,000 patient records for Kaiser at a warehouse in Indio, Calif., which was also occupied by a party rental business.
The U.S. Department of Health started an investigation into Kaiser's conduct after the Deans complained about the healthcare provider's handling of its patient data. For instance, Mr. Dean said he received many unencrypted emails from employees of Kaiser about patient medical records.
According to the report, HHS has determined that Kaiser failed to safeguard patient medical records at Moreno Valley Community Hospital by giving files to the Deans without a contract. HHS is awaiting information from Kaiser on a correction plan before considering penalties, according to the report.
10 Best Practices for Data Breach Prevention, Response Plans
5 Steps to Manage Mobile Devices, Safeguard Patient Health Information
In 2008, Sure File Filing Systems owners Stephan and Liza Dean were given the responsibility of storing and organizing old patient files from Moreno Valley (Calif.) Community Hospital shortly after it was acquired by Kaiser. However, no contract for the work was signed. According to the report, the couple stored nearly 300,000 patient records for Kaiser at a warehouse in Indio, Calif., which was also occupied by a party rental business.
The U.S. Department of Health started an investigation into Kaiser's conduct after the Deans complained about the healthcare provider's handling of its patient data. For instance, Mr. Dean said he received many unencrypted emails from employees of Kaiser about patient medical records.
According to the report, HHS has determined that Kaiser failed to safeguard patient medical records at Moreno Valley Community Hospital by giving files to the Deans without a contract. HHS is awaiting information from Kaiser on a correction plan before considering penalties, according to the report.
More Articles on Protecting, Securing Patient Data:
4 Health IT Security Predictions for 201310 Best Practices for Data Breach Prevention, Response Plans
5 Steps to Manage Mobile Devices, Safeguard Patient Health Information