Break-in at Pardee UNC Health Exposes Patient Data

Pardee UNC Health Care has announced that patient data may have been compromised following a break-in at its facility in Hendersonville.

The break-in was reported to police on May 9, 2019. Crime scene investigators determined that the criminals gained access to the basement of the building. Pardee UNC Health has stated that electronic equipment was stolen during the incident. The clinic is located on 2029 Asheville Highway, Hendersonville, NC.

Pardee Health issued a press release on the incident, which stated: “The equipment taken did not have hard drives intact and as a result, no Protected Health Information (PHI) or other personal information was accessed via the stolen electronics. However, during the onsite investigation immediately following the discovery of the break-in, Pardee Security found a stack of 590 Federal Drug Testing Custody and Control forms on a table centrally located in the basement. The Drug Testing Forms contained information related to routine drug screenings performed at Pardee Urgent Care on Thompson Street from October 2003 to December 2004. We believe that the person(s) who illegally entered the building moved the stack of papers from another location in the basement to the table, where they were in plain view. For this reason, we believe that the person(s) who illegally entered the building may have viewed the information contained on the forms.”

While officials at Pardee have yet to uncover any evidence to suggest that the information was viewed, stolen, or used for malicious purposes, as the files were moved from one location to another it is possible that the integrity of the protected health information (PHI) has been compromised.

The press release states that Pardee has since moved the files from the clinic and have placed them in storage in a secure facility.

The information that may have been compromised in the incident includes names, phone numbers, birth dates, social security numbers, results of drug screenings, employer names, and driver’s license numbers.

As issues who have their data exposed in such incidents are at an increased risk of fraud, UNC Health Care is offering 12 months of free credit monitoring services to all those affected by the breach.

“We are reviewing existing employee training and record retention protocols and policies and will reinforce and revise as needed, said Jennifer Melia, Compliance & Privacy Officer for Pardee UNC Health Care.

Pardee Health has yet to release an exact figure on the number of individuals affected by the incident.

HIPAA Violation Penalties

Most Common HIPAA Violations Causes