Officials at the New Braunfels, Tx.-based Hope Hospice have notified 818 patients that through a routine internal compliance audit on February 25, 2013, it discovered a potential security breach after finding an employee had e-mailed a report of recent referral and admission activity to themselves via an unsecured channel on December 27, 2012 and February 22, 2013.
The information included in the report was limited to the 818 patient names, referral source, referral and admission date, name of insurance company, chart number, county and date of discharge. The information did not include other sensitive personal identification such as social security numbers, dates of birth or addresses. Due to the number of affected individuals and the agency’s policy against using unsecured channels for communicating patient information, each patient or their next of kin is being notified of the occurrence.
The information was secured February 28, 2013 and the agency does not believe the type of information included presents a risk of financial harm. However, affected individuals are encouraged to contact their financial institutions as well as any one of the three major credit bureaus to place a fraud alert on their account.
In response to this incident, all staff members have received additional training, and the agency is performing a comprehensive review to further refine its policies and procedures related to patient privacy and security. Steps are also underway to further improve the security of the agency’s operations, officials said.