Tri-City Medical Center in Oceanside, Calif., has acknowledged a breach of patient data after a stack of hospital admission logs was taken out of the hospital and put in a former employee's car, according to a report from San Diego Union-Tribune.
The admission logs were allegedly left on a records cart that the former employee used to transport personal belongings from the hospital. Louis Montulli, a member of Tri-City's Governance Committee, said in the report the employee accidently removed the patient records and notified him of the incident shortly after they had been put in the employee's vehicle. Mr. Montulli said in the report he advised the employee to give the records to the California Department of Public Health, which the employee did.
Mr. Montulli and the former employee estimate the records contained the names, birth dates and diagnoses of nearly 35,000 patients. No financial data or Social Security numbers were in the documents, according to the report.
Tim Moran, CEO of Tri-City Medical Center, indicated in the report that the hospital has not started notifying patients and is unsure if it is entirely necessary to do so. According to Mr. Moran, the patient logs were loaded on the cart for an inspection with The Joint Commission. The hospital has launched an investigation to determine why the records weren't returned to the hospital's locked record rooms after the inspection, according to Mr. Moran.
More articles on data breaches:
Community Health Systems hacked, 4.5M patients' information compromised
Hacked computer potentially compromises PHI of 60k Tennessee government employees
Potential data breach at Jersey City Medical Center due to lost computer disk