08.08.13
A missing box of health records in Minnesota has prompted Medtronic Inc. officials to warn more than 2,700 patients about a potential breach of privacy.
The Minneapolis, Minn.-based medical device behemoth sent letters to patients in early July informing them of the situation and it arranged for patients to receive identity protection services,Medtronic spokeswoman Cindy Resman told the St. Paul Pioneer Press last week.
There have been no reports of any patient data misuse, Resman said in a prepared statement.
"These documents did not contain sensitive or intrusive information," she said in the statement. "For a small portion of patients, however, it's possible that additional information was in the box, including insurance company data, contact information and limited patient records."
In early July, a box of training records went missing from a facility in Minnesota, Resman said. Most of the documents and records in the box dated back to 2008 and were connected with training in the use of insulin pumps or continuous glucose monitoring devices.
Medtronic believes the box only has been misplaced and remains on company facilities. However, there is "at least a possibility," Resman said, that the box no longer is under Medtronic's control.
Some patient records included Social Security numbers, but Resman believes that number to be a small percentage of the entire box. Medtronic contacted a total of 2,764 patients.
In addition to issuing letters to patients, Medtronic notified the federal government about the situation. Companies and other organizations are required to report breaches of unsecured protected health information that affect 500 or more individuals.
In 2011, Minneapolis-based Fairview Health Services notified about 1,200 patients about a potential privacy breach after a box of patient health and billing records went missing.
The Minneapolis, Minn.-based medical device behemoth sent letters to patients in early July informing them of the situation and it arranged for patients to receive identity protection services,Medtronic spokeswoman Cindy Resman told the St. Paul Pioneer Press last week.
There have been no reports of any patient data misuse, Resman said in a prepared statement.
"These documents did not contain sensitive or intrusive information," she said in the statement. "For a small portion of patients, however, it's possible that additional information was in the box, including insurance company data, contact information and limited patient records."
In early July, a box of training records went missing from a facility in Minnesota, Resman said. Most of the documents and records in the box dated back to 2008 and were connected with training in the use of insulin pumps or continuous glucose monitoring devices.
Medtronic believes the box only has been misplaced and remains on company facilities. However, there is "at least a possibility," Resman said, that the box no longer is under Medtronic's control.
Some patient records included Social Security numbers, but Resman believes that number to be a small percentage of the entire box. Medtronic contacted a total of 2,764 patients.
In addition to issuing letters to patients, Medtronic notified the federal government about the situation. Companies and other organizations are required to report breaches of unsecured protected health information that affect 500 or more individuals.
In 2011, Minneapolis-based Fairview Health Services notified about 1,200 patients about a potential privacy breach after a box of patient health and billing records went missing.