Nearly 10,000 patients of Kansas-based Salina Family Healthcare Center (SFHC) are being notified that their personal information was inadvertently left in a database submitted to the National Commission for Quality Assurance (NCQA).

How many victims? 9,640, according to Identity Theft Resource Center

What type of personal information? Names, dates of birth, chart numbers and CPT codes associate with patient care.

What happened? A SFHC staff member inadvertently left a table containing the information in a database that was submitted to the NCQA.

What was the response? SFHC investigated the incident. SFHC received assurance from the NCQA staff member who received the database that the file was destroyed by the IT department. All employees will be retrained on the importance of protecting sensitive patient information. SFHC assessed and modified its process for running reports from the electronic medical records to ensure personal information is removed prior to being submitted for research purposes. The employee involved in the incident was disciplined. All impacted individuals have been notified.

Details: The database was submitted on April 8. The information related to SFHC's involvement in a care coordination research study.

Quote: “We have thoroughly investigated this incident and believe the risk of patients' pretected health information falling into the wrong hands is incredibly low in this situation,” Rob Freelove, CEO of SFHC, wrote in a notification posted to the website.

Source:, “Salina Family Healthcare Center Notifies Patients of Unintended Transmission of Personal Information,” June 2, 2014.