Prior to disposing or selling office furniture, HIPAA-covered entities should ensure that all drawers and compartments are inspected for any stray documents containing sensitive information. The failure to conduct a thorough check could easily result in a HIPAA breach or privacy violation. Such an incident has recently occurred in Branchburg in Somerset County, NJ.
As reported by News 12 New Jersey, a printing company in Branchburg purchased used office furniture and discovered one of the cabinets contained hundreds of documents containing highly sensitive information.
The owners of printing firm Sublimation 101, found a stack of Employment Eligibility Verification (I-9) forms containing sensitive information such as names, contact telephone numbers, home addresses together with photocopies of Social Security cards, passports, and driver’s licenses – A treasure trove of information that could be used for identity theft and fraud.
The documents appear to have come from a health group in New Jersey – Presumably the former owner of the furniture. Michael Kaminsky, owner of the printing firm, told News 12 New Jersey, “We know about identity theft. We have great companies that protect us but we as Americans have to protect each other.”
The printing firm reported the incident to the Department of Homeland Security, which will be visiting the firm and conducting an investigation.
This would obviously not count as a HIPAA breach as HIPAA is concerned with the protected health information of patients rather than the sensitive information of employees. However, it could easily have also resulted in a HIPAA breach.
The post Documents Containing PII Discovered in Used Office Furniture appeared first on HIPAA Journal.