Data Breach at Gordon Schanzlin New Vision Institute Impacts 9,350 Patients’ PHI

The Gordon Schanzlin New Vision Institute found in La Jolla, CA, notified thousands of patients about the stealing of their healthcare information after records that contains protected health information (PHI) were found to be in the possession of a person not authorized to keep the data.

The information breach was found out right after the U.S. Postal Inspection Service performed an investigation. A property in Southern California was raided and a carton of medical documents was found.

The documents comprised data including names, addresses, dates of service, medical insurance data, Social Security numbers, and healthcare and clinical data.

Gordon Schanzlin was advised of the findings on June 15, 2018, and the provider launched an internal investigation right away to find out the nature and extent of the security breach and how the healthcare documents were taken.

Though it cannot be affirmed with 100% assurance, Gordon Schanzlin is convinced the healthcare records were included in a group of documents that thieves took from a storage unit in October 2017.

The boxes held in the storage unit included the medical documents of 9,351 patients. Though just a small amount of files were retrieved because of the raid, Gordon Schanzlin decided to inform all the impacted 9,351 patients concerning the findings as a safety measure.

Because of the sensitive nature of information in the documents, and the probability for the data to be employed for identity theft and fraudulence, Gordon Schanzlin |offered all patients probably impacted by the data breach 12 months of credit monitoring services with Experian. The services are given absolutely free to patients. Breach notification letters were sent by mail on August 14, 2018.

As a response to the breach, workers were given more training and extra safety measures were put in place to better guard all sensitive data.

About Christine Garcia 1310 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at