DERMACARE BRICKELL ANNOUNCES DATA BREACH
Dermacare Brickell, a licensed medical practice in Miami, has experienced a data breach affecting some former patients from 2010-2013. As a medical practice, Dermacare Brickell is subject to the breach notification rules of the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”).
Dermacare Brickell stored former patient files from 2010 through 2013 in a locked storage unit at The Vue Condominium, which is where its office is located. The incident was discovered on November 20, 2018, after the practice learned that those patient files were missing. Through investigation, it learned that the files were mistakenly thought to be abandoned storage items and were discarded in its condominium association dumpster.
The practice has been assured by the person who discarded the boxes containing the patient files that he did not read or access any of the files. In fact, he didn’t know that the boxes contained patient files. Furthermore, the practice has not received any indication that any patient information has been accessed or used by an unauthorized individual.
The patient files included the following protected health information: full name, date of birth, home address, prior medical history as provided by the patient, and treatment notes by the practice. The patient files did NOT include any social security numbers, credit card numbers or financial information.
The practice reported the issue to the Miami Police Department, Case No. 181120-0087913. Dermacare Brickell will no longer be using any storage facilities for patient files, as it will now keep any paper files in its office. Dermacare Brickell has been transitioning to electronic medical records and the paper records that are now electronically stored will be shredded.
For questions or inquiries, please contact Dermacare Brickell at (833)-429-0888