Texas psych hospitals deal with privacy breaches

There have been five incidents in the past six months where patients' health records have made their way out of some of Texas' 10 public psychiatric facilities, according to a review of state records by a newspaper.

In one incident, an employee at Big Spring State Hospital in West Texas was fired after officials alleged she walked out of the facility with 50 patients' protected health records, the Austin American-Statesman reported Sunday.

In the other cases, which involved a total of about a dozen patients, officials determined that the breaches were caused by mistakes.

"This can't happen," said Christine Mann, spokeswoman for the Texas Department of State Health Services, which oversees the hospitals. "Our patients deserve privacy and expect that their information is kept confidential. We're doing everything we can to figure out what happened and how to address it."

Dr. Deborah Peel, the Austin founder of Patient Privacy Rights, a national watchdog group focused on the protection of medical records, said the multiple incidents at the Texas hospitals indicate a pattern of problems that raise questions about the hospital system's ability to keep patient records safe.

"Incidents like this broadcast loud and clear that the place I go for help might not keep my information safe," Peel said.

At Big Spring, the hospital's investigation determined a psychiatric nursing assistant whose job involves monitoring patients was seen taking the information from the unit where the patients lived, Mann said.

A folder containing 47 pages of personal health information—including names, diagnoses and treatments—was found in December in a public trash bin off campus.

James Boucher, one of Big Spring's patients whose records were taken, was upset by what happened.

"I feel like I can't trust the hospital anymore, not with anything personal," he told the newspaper. "I don't even know where the records have been."

Big Spring State Hospital also had another incident in July, when a nurse sent unencrypted texts of a patient's records to another nurse.

Other hospitals with privacy breaches included:

• San Antonio State Hospital, which released a patient in June with another's discharge packet, including prescriptions and medical information.
• Terrell State Hospital, which released a patient with another's medication in October.
• Austin State Hospital, where the records of at least eight patients in September ended up on a television stand and were picked up by another patient.