the staff of the Ridgewood blog
Ridgewood NJ ,the Valley Hospital in Ridgewood has begun notifying patients of a data breach risk, after documents containing patient names and medical record numbers were improperly discarded at an outpatient COVID-19 testing facility.
20% off all web services with Spark Driven https://1.sparkdriven.com/aff.php?aff=3
The Hospital was informed on Aug. 29 that “post-COVID-19 testing patient instructions were mistakenly being discarded in a marked recycling bin at an outpatient COVID-19 testing facility,”
According to the Hospital ,” From June 1, 2022 to September 1, 2022, Post Covid-19 Testing Instructions were mistakenly being discarded without being shredded at a Valley Hospital outpatient testing facility. These instruction sheets provide patients with care instructions following Covid-19 tests. The testing facility, used by patients scheduled for procedures at the hospital, moved on June 1, 2022, to a location that did not have a standard shredding receptacle.” The incident occurred between June 1, 2022 and September 1, 2022.
Patient names, medical record numbers, service dates, test names (Covid-19), location codes for their scheduled procedures, and the names of the providers administering the tests were involved in this incident.
Based on the limited nature of personal information involved, we do not believe notified individuals are at risk of identity theft or data misuse. At this time, there is no evidence that there has been any use or attempted use of the information exposed in this incident.
The review of the data was extensive, and all of the affected individuals were notified by mailed letters that went out on October 13, 2022. If you have not received a letter, your information was not involved.
Patients can contact Valley Hospital at 833-875-0797 between 9 a.m. and 9 p.m. weekdays or visit an online information site set up by the hospital.
HIPAA or no HIPAA, it’s all exceedingly sloppy almost everywhere.
Email registration for our Health Department-sponsored vaccination clinics, which includes a fair amount of personal and medical information, is open to OPRA (Open Public Records Act) request by anyone at all, according to a boilerplate message at the bottom of their replies.