Jacobi Hospital

The New York City Health and Hospitals Corporation (HHC) on February 9, 2011 began to notify 1.7 million patients, staff, contractors, vendors and others who were treated by and/or provided services during the past twenty years for or at Jacobi Medical Center, North Central Bronx Hospital, or their offsite clinics, which comprise the North Bronx Healthcare Network. The notification is about a recent reported theft of electronic record files that contained their personal information, protected health information (PHI), or personally identifiable employee medical information (PIEMI). Personal information can include social security numbers, names, addresses, and other information that may be used to identify individuals. PHI can include personal information and patients' medical histories. PIEMI can include personal information and employees' health information. HHC values and protects individuals' privacy and confidentiality and deeply regrets any inconvenience and concern this may create for patients, staff and others affected. The loss of this data occurred through the negligence of a contracted firm that specializes in the secure transport and storage of sensitive data. There is no evidence to indicate that the information has been inappropriately accessed or misused. However, HHC is taking responsibility and providing information and credit monitoring services to all affected individuals who may be worried about possible identity theft. For more information and to sign up for one year of free credit monitoring and fraud resolution services, individuals affected can call 1-877-412-7148. These individuals may have been affected: * Patients * Workforce members and the employees of contractors, vendors, and other third parties, who, due to the types of services or other functions performed for or at the hospitals, had access to the hospitals' computer medical record system, QuadraMed. * Workforce members and the employees of contractors, vendors, and other third parties, who, for various reasons, were examined, assessed, and/or screened by the hospitals' Occupational Health Service. If you are one of the individuals who may have been affected, please see the appropriate notification letters and Frequently Asked Questions linked below for more information about the incident and the services available to you.


I am in shock. First of all, I go to Jacobi Hospital and all my doctors are there. The quality of care at Jacobi Hospital goes un-matched. I live in Times Square and did research many years ago to see where I could have the best doctors and the least amount of time waiting around to see them and Jacobi was that place. I could go to any hospital in Manhattan, but I picked Jacobi because of the high quality doctors, the most wonderful nurses and you never wait around all day to see someone. They are efficient, caring and believe it or not, I look forward to going there to see my wonderful doctor and the always happy nurses. But now I feel I have been violated, not by the staff, but by the administration that hired this GRM Information Management Services, who we now know can't manage anything. How dare they leave a Van un-attended with millions of medical records of New York City Patients.


Founded in New York City in 1987, GRM Information Management Systems, is the premier provider of Records and Information Management Solutions worldwide. Driven by its customers, GRM endeavored to provide a better, hands-on alternative for Records Management and archiving than the larger, more established vendors were offering. This personal touch and our expertise in the field of records and data management resonated throughout the business community, solidifying GRM’s reputation in the 1990’s. Our client roster grew steadily, and by the end of the decade, GRM was operating three records centers in the New York Metropolitan Area totaling nearly 1.5 million square feet. GRM ushered in a new century by embarking on a national expansion program, and today GRM can be found in eleven major marketplaces, with that number growing each year.


I am very upset. First of all, the North Bronx Healthcare Network took almost two months to contact us. They should have told everyone right away that this happened, even know they claim they were waiting to see what patients were effected. They should have sent out a notice telling their clients that personal information could have been compromised. Second of all, they slap us again in the face. They offer us one year identity protection service. They should offer us lifetime identity service. Who knows when the information will be used. Look whats happening in Russia. The Russians are the biggest Identity thieves on the planet. It's not just your social security number and all you other information, its all your medical records. The most personal information you have is now in the hands of thieves.

I went up to Jacobi Hospital the other day to talk to some contacts. Several employees there told me the information was not encrypted like they are telling us. That means anyone who has a computer can read our files. Second, they are saying that this must have been a inside job. One employee of the hospital mentioned that a million social security numbers alone are worth millions. This employee also pointed out that in the files were addresses, mothers maiden name, phone numbers, bank accounts and just about everything else. Everything you need to steal someones identity was in these files. If you have cancer or if you have Aids, it is now in the public domain.

From The Hipaa Website

Your Health Information Is Protected By Federal Law

Most of us believe that our medical and other health information is private and should be protected, and we want to know who has this information. The Privacy Rule, a Federal law, gives you rights over your health information and sets rules and limits on who can look at and receive your health information. The Privacy Rule applies to all forms of individuals' protected health information, whether electronic, written, or oral. The Security Rule, a Federal law that protects health information in electronic form, requires entities covered by HIPAA to ensure that electronic protected health information is secure.

How Is This Information Protected

* Covered entities must put in place safeguards to protect your health information.
* Covered entities must reasonably limit uses and disclosures to the minimum necessary to accomplish their intended purpose.
* Covered entities must have contracts in place with their contractors and others ensuring that they use and disclose your health information properly and safeguard it appropriately.
* Covered entities must have procedures in place to limit who can view and access your health information as well as implement training programs for employees about how to protect your health information.

Now it would seem that the North Bronx Healthcare as well as their contractor GRM Management are liable for breaking the law. What they have done is outrageous and they should be held accountable. We are sure GRM Management will go out of business after this, but we are more sure that they will open up under a new name and continue to get business from our hospitals. Disgusting!


Anonymous said…
Such a betrayal of the trust you have placed with them. I can imagine how sick and disgusted, how fearful and uncertain the patients/clients must feel. I am so sorry.
James Edstrom said…
They should be sued........ It is horrible....