PHI of 842 Western Washington Medical Group Patients Exposed

by

Documents containing the sensitive information of 842 patients at Western Washington Medical Group were compromised on November 13, 2017. Apparently, the documents were thrown away with regular trash by mistake.

The sensitive documents in the shredding bins were supposed to be permanently destroyed in accordance with HIPAA Rules. However, instead of destroying them, the janitorial service emptied the shredding bins into regular trash bins. The next day, Western Washington Medical Group found out about the error. But it was too late to retrieve the documents as they were already collected for disposal in landfill sites.

The impact of the breach is limited to patients who visited WWMG Orthopedic, Sports and Spine centers for their medical services. But the following information had been compromised: names, addresses, medical histories, diagnoses, appointment dates, and health insurance billing information. Persons affected by the breach were sent notification letters on January 12, 2018 via first class mail.

It is possible that the documents could have been viewed by unauthorized persons, although the related risk is expected to be low. There was also no report of misuse of any PHI reported. But to be extra cautious about possible identity theft, the patients were offered free identity theft protection services for one year via ID Experts.  And to avoid similar incidents from happening, the janitorial staff were given additional training.

James Keogh

James Keogh has been writing about the healthcare sector in the United States for several years and is currently the editor of HIPAAnswers. He has a particular interest in HIPAA and the intersection of healthcare privacy and information technology. He has developed specialized knowledge in HIPAA-related issues, including compliance, patient privacy, and data breaches. You can follow James on Twitter https://x.com/JamesKeoghHIPAA and contact James on LinkedIn https://www.linkedin.com/in/james-keogh-89023681 or email directly at [email protected]