Pennsylvania Obs/Gyn Clinic Medical Records Found at Recycling Center

by | Dec 8, 2017

Paper files with information including names, Social Security details, and medical records, along with details of cancer diagnoses and sexually transmitted diseases (STDs), have been found at a recycling center in Allentown, Pennsylvania.

The files seem to have originated from Women’s Health Consultants, an obstetrics and gynecology practice based in South Whitehall Township and Hanover Township, PA. Women’s Health Consultants is no longer operating.

It is unclear how the records came to be left at the recycling center as the container where the records were found of was not covered by the surveillance cameras present at the center.

The center does have a secured recycling container where sensitive documents includinging confidential information can be disposed of safely, but that container was not the one used. The records were left in a container where they could be accessed by unauthorized people.

The individual who found the files left an anonymous tip on the non-emergency line of the Allentown communication center. According to a report in The Morning Call, a city worker visited the recycling center and pushed the records further into the container, so they were no longer clearly visible. Since the information was , the container has been loaded onto a truck and is no longer accessible by the general public. The container will now be moved to a recycling company.

The privacy breach has been made known to the Pennsylvania attorney general’s office, although it is unclear whether an investigation into the incident has been initiated.

HIPAA regulations require all physical records that include patients’ protected health information to be disposed of safely, making all information unreadable and indecipherable, so that it cannot be reconstructed. For paper histories, this typically includes shredding, pulping, or setting fire to the files. If that process is to happen off-site, the records should be secured while on the move to ensure they cannot be accessed by unauthorized people.

Failing to dispose of records safely can attract a harsh financial penalty, ranging from $100 to $50,000 per breach, up to a maximum of $1,500,000.

The Department of Health and Human Services’ Office for Civil Rights has already punished healthcare organizations for failing to dispose of medical records properly. During 2015, Cornell Prescription Pharmacy paid $125,000 to settle an improper disposal case with OCR.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy