The University of Tennessee Medical Center is notifying approximately 8,000 patients of a breach of their protected information.

The action comes after the hospital discovered on October 4 that a daily administrative report that is automatically printed in a secure location was not being shredded according to policy but was being "discarded in the hospital's waste stream," according to the notification letter. "There was no sensitive, personal or identifying information in view on the outside of the report; however, located within the report was certain patient related information, including the patient's name and Social Security number."

Hospital officials do not believe any information was improperly accessed as, "based on our waste management process, shortly after disposal, all information was rendered unreadable," according to the letter to affected patients. The hospital has sanctioned some employees and is retraining staff on disposal procedures.

The hospital is not offering free credit protection services but in the letter explains steps patients can take to protect their credit. There is no information on the hospital's Web site about the breach. The Knoxville News Sentinel first reported the breach and local CBS television affiliate WVLT posted the notification letter on its Web site, available here.

--Joseph Goedert


Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access