Tampa General Quiet on Details of New Breach

Tampa General Hospital and the University of South Florida Health are not giving much information about the latest breach within the delivery system that could involve identity theft.

Neither organization has prominently placed a notice of the breach on its Web site and spokespersons at both organizations declined to discuss the incident or provide a notification letter to Health Data Management.

The ABC News affiliate in Tampa, contacted by an affected patient, reports that an undisclosed number of patients have received notification letters in mid-August, which states they could become a victim of identity theft, for a breach discovered on May 24. That is a notification period well beyond the 60-day requirement under the HIPAA breach notification rule.

ABC reports that a University of South Florida Health employee was pulled over by Hillsborough County Sheriff’s deputies on May 24 and a search of the car found protected health information that the employee was not authorized to possess or have access to. Social Security numbers, patient names, dates of birth and medical records numbers were among the information.

“TGH officials say they have provided an 800 number in the letter that patients can call in order to get a year of free credit monitoring,” ABC reports. However, the television station notes that the phone number and the offer of credit protection was not in the notification letter that it saw. Rather, the letter advises patients to call credit bureaus to get a free credit report and lists other ways to protect themselves from identity theft.