A security breach involving medical documents at Wake Forest Baptist Medical Center affected 357 people, including 136 patients and 221 past or current employees, the medical center said Thursday.
On June 1, the center said it fired an employee, Linda Bowden Turner, who had taken medical records and documents dating from 1995 to 2006 to a home she owns at 1721 Swing Drive in Winston-Salem and other storage sites under her control.
Winston-Salem police have charged Turner, 55, of 2100-B Old Salisbury Road, with larceny by employee in the incident. Turner was released with a written promise to appear in court. Her court date is July 22.
The center said the documents contained information that ranged from a Social Security number on an employment document to a page from a patient medical record.
"None of the documents discovered comprised a complete patient medical record," the center said. "The employment records date from a time when many hospitals used Social Security numbers as the employee identification number. Wake Forest Baptist discontinued this practice several years ago."
The center sent its report to the state attorney general's office on Wednesday. The office released the report on Thursday.
The report included a N.C. Security Breach reporting form, a description of the incident and a sample letter that Wake Forest Baptist mailed Thursday to affected individuals. It offered in the letter a free year of Debix credit-monitoring services, which require registration for use.
The letter was signed by Dr. Thomas Sibert, the center's president and chief operating officer. The center said the report represents the culmination of its investigation.
Noelle Talley, a spokeswoman for the attorney general's office, said state statute provides a detailed list of what must be included in the notice to individuals.
"If we had any reason to believe that consumers weren't given proper notice of a particular breach, that is something we could and likely would pursue further," she said.
David Freedman, Turner's attorney, has said she worked in administration at Wake Forest Baptist. He said Turner is a hoarder and had no ill intent. Wake Forest Baptist has said its investigation came to the same conclusion.
The center said 335 of the 357 individuals affected are from North Carolina. Overall, 296 people, including 284 from North Carolina, had information in the documents that is protected by the Identity Theft Protection Act of 2005.
"Although we do not have any information indicating that your information has been or will be misused as a result of this incident, we wanted to alert you and encourage you to take precautionary action," the letter said.
The center said it has tightened requirements related to authorization for removal of medical record documents and for securing confidential documents while in transit. It added annual training for employees.
The center said it has reported the incident and its investigation to the "appropriate regulatory agencies," including the U.S. Department of Health and Human Services and The Joint Commission, a national health-care oversight panel.
It said the Centers for Medicare and Medicaid Services requested a review of the incident by the N.C. Division of Health Service Regulation. It said the state agency "found no deficiencies in any conditions of participation." The agency could not be reached for comment on its findings.
The discovery of the documents is the second recent incident involving medical records' security at Wake Forest Baptist.
On Feb. 15, 2010, a bag containing a document with the names and Social Security numbers of 554 patients was stolen from an employee's locked car. The theft occurred in a parking deck at an off-campus outpatient clinic, Wake Forest Baptist said.
The center said the stolen list did not include any information about the patients' medical conditions. Wake Forest Baptist also sent letters to the affected patients, arranging for free credit and financial monitoring for a year.
Email
Facebook
Google
Twitter
Favorites
More
Advertisement