Paper documents containing patient data was stolen from the vehicle of an employee of Anesthesia Associates of Kansas City on December 14, 2018. A bag that contain patient schedules was left by the employee in his car. Information such as names, dates of birth, surgery dates, types of surgical operations and names of surgeons were included in the stolen patient data. The was no highly sensitive data like insurance information, Social Security numbers and financial details included in the stolen patient schedules. Hence, the threat of identity theft is minimal. Law enforcement already know about the incident, however, there is no report on the recovery of the paperwork yet .
Anesthesia Associates of Kansas City learned the occurrence of the theft on December 16, 2018. An investigation was started to pinpoint which schedules were stolen and the patients whose protected health information(PHI) was potentially exposed. According to the findings, it cannot be known with 100%confidence which patient schedules were stolen. As a result, Anesthesia Associates made a decision to dispatch breach notification letters to all patients who had their surgery at Anesthesia Associates starting from April 4, 2018 up to December 14, 2018. On February 1, 2019, the breach notification letters were mailed instructing all patients impacted by the breach to watch out for possible fraudulent activity.
Anesthesia Associates sent a breach report to the Department of Health and Human Services’ Office for Civil Rights, The report indicated the potential exposure of PHI of 3,472 patients.
Because of the breach, Anesthesia Associates of Kansas City toughened its policies governing the taking out of patient information from its facilities. The clinic has likewise created new policies and procedures for cases that require the taking of information off the site. Implementation of more security controls was undertaken to keep similar breaches from happening in the future.