The issue came to light in October when a Sidney Health Center employee reported concerns about the physician’s actions. Following an investigation using privacy monitoring tools, the breach was confirmed Nov. 7, according to a Jan. 3 news release. The health center requested the return or destruction of all affected documents, but the physician failed to cooperate fully.
The improperly saved documents included sensitive information such as patient names, dates of birth, medical record numbers, medical histories and treatment details, including dates of service, provider names, diagnoses and medications. However, Social Security numbers, health insurance IDs and financial information were not involved in the breach, according to the health center.
Sidney Health Center said it is notifying affected patients in compliance with federal privacy laws.
According to HHS’ data breach portal, 1,370 individuals were involved in the event.
