United States Airforce Data Breach (2011)

On August 21, 2012, the 374th Medical Group (374 MDG) at Yokota AB, Japan, discovered a potential compromise of patients' protected health information (PHI) when, on or about September 22, 2011, a former 374 MDG provider mailed surgical reports he performed at the facility to his stateside address. These reports pertained to 438 patients and were intended for the American Board of Surgeons to maintain the provider's board certification. Unfortunately, the package containing the medical information never arrived at his home and the United States Postal Service was unable to locate the package. The data elements involved in the documents include patient names, Social Security Numbers, dates of birth, diagnoses, descriptions and summaries of select procedures and operations performed by the provider between October 2007 and September 2011. Upon discovery, the 374 MDG immediately initiated an investigation to determine the circumstances surrounding the loss and identify those who were potentially impacted. To mitigate this incident and prevent future compromises of this nature, the 374 MDG is currently reviewing their policies and procedures to assist providers with the board certification process.