Report: NFL Players’ Medical Records Stolen from Trainer’s Car | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Report: NFL Players’ Medical Records Stolen from Trainer’s Car

June 2, 2016
by Rajiv Leventhal
| Reprints
Click To View Gallery

Thousands of National Football League (NFL) players’ paper and electronic medical records dating from 2004 were stolen from a Washington Redskins’ trainer’s car earlier this year, according to a report from sports and news media site Deadspin.

According to an email obtained by Deadspin that was allegedly sent on May 27 by NFL Players Association (NFLPA) Executive Director DeMaurice Smith to each team’s player representatives, “In late April, the NFL recently informed its players, a [Redskins] athletic trainer’s car was broken into. The thief took a backpack, and inside that backpack was a cache of electronic and paper medical records for thousands of players, including NFL Combine attendees from the last 13 years. That would encompass the vast majority of NFL players, and for them, it’s a worrying breach of privacy; for the NFL, it’s potentially a costly violation of medical privacy laws.”

The Washington Post confirmed the Deadspin report. In a statement, per the Post story, the Redskins team said that the theft occurred mid-morning on April 15 in downtown Indianapolis, “where a thief broke through the window of an athletic trainer’s locked car. No social security numbers, Protected Health Information (PHI) under HIPAA, or financial information were stolen or are at risk of exposure.”

The statement from the Redskins also attested that the team is working with the NFL and NFLPA to locate and notify players who may have been impacted. The statement continued by noting that the laptop was password-protected but unencrypted, but they have no reason to believe the laptop password was compromised. The NFL’s electronic medical records system was not impacted, the statement said.

The Deadspin report further notes that the NFL Combine, “though operated by a private company, is a league event, involving prospective league employees, and the records are those of current and former players from among all the NFL’s teams. It is thus likely that it is the NFL’s responsibility to protect those records, and the NFL’s obligation to make sure that anyone who has access to them observes federally and locally required medical privacy standards.”

The report’s authors mention that because the NFL is not a covered entity under HIPAA, the law wouldn’t apply directly to the league. The U.S. Department of Health and Human Services (HHS) website verifies that health plans, healthcare providers, and healthcare clearinghouses are the groups that are covered by the privacy rule, and are subject to penalties if they release medical information without the patient’s consent. Rather, in this case, “any potential litigation would likely take place on the state level, where courts routinely cite HIPAA standards,” according to Deadspin.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Healthcare Execs Anticipate High Cost Returns from Predictive Analytics Use

Healthcare executives are dedicating budget to predictive analytics, and are forecasting significant cost savings in return, according to new research from the Illinois-based Society of Actuaries.

Adam Boehler Tapped by Azar to Serve as Senior Value-Based Care Advisor

Adam Boehler, currently director of CMMI, has also been named the senior advisor for value-based transformation and innovation, HHS Secretary Alex Azar announced.

Vivli Launches Clinical Research Data-Sharing Platform

On July 19 a new global data-sharing and analytics platform called Vivli was unveiled. The nonprofit group’s mission is to promote, coordinate and facilitate scientific sharing and reuse of clinical research data.

Survey: More Effective IT Needed to Improve Patient Safety

In a Health Catalyst survey, physicians, nurses and healthcare executives said ineffective information technology, and the lack of real-time warnings for possible harm events, are key obstacles to achieving their organizations' patient safety goals.

Physicians Still Reluctant to Embrace Virtual Tech, Survey Finds

While consumers and physicians agree that virtual healthcare holds great promise for transforming care delivery, physicians still remain reluctant to embrace the technologies, according to a new Deloitte Center for Health Solutions survey.

Geisinger, AstraZeneca Partner on Asthma App Suite

Geisinger has partnered with pharmaceutical company AstraZeneca to create a suite of products that integrate into the electronic health record and engage asthma patients and their providers in co-managing the disease.