A potential breach of health data occurred at MidMichigan Medical Center (MMC) in Alpena. On November 18, 2017, a MMC cardiologist, Dr. Christopher Walls, took out patient files from the cardiology office without proper authorization. He put the files in his vehicle and drove away. While on 12th Avenue Chisholm Street, the storage container dropped because it was not secured properly. The contents spilled on the ground and then the wind started blowing the documents round the street.
Some people picked up the documents and notified the hospital regarding the documents containing sensitive personal info scattered in the street. The hospital called for help from law enforcement to collect all the documents.
After the incident, Dr. Richard Bates, VP of Medical Affairs at MMC, announced that all documents are believed to have been retrieved, so there’s little risk to patients. Still, about 1,900 patients received notification of the potential breach because it’s not confirmed that all documents had been recovered. Information that was stolen included names, addresses, Social Security numbers and clinical data. The affected patients were also offered free identity theft protection services.
It is unknown why Dr. Christopher Walls took the files from the office. But for doing so, he violated hospital policies and so MMC considered him no longer working at MMC. Dr. Richard Bates also stated that their patients’ privacy is important to them and they take the responsibility to protect them seriously. The hospital has processes and procedures in place to identify breaches and protect patients’ PHI.