Indian Health Service Employee Mistake Compromised Personal Information of 620 Patients

Rapid City Indian Health Service Unit

Rapid City Indian Health Service Unit

RAPID CITY, SOUTH DAKOTA—Some 620 patients of the Indian Health Service Rosebud Service Unit on the Rosebud Indian Reservation in South Dakota received letters from the Indian Health Service informing them their personal data has been compromised and an apology.

The personal information includes their name, Social Security numbers and U.S. Department of Veterans enrollment information.

The letters informed the patients that on May 30, 2014, it was discovered that a file folder containing protected health information from the Indian Health Service (IHS) Rosebud Service Unit in Rosebud, South Dakota, was inadvertently left by an employee in a public area at the Rapid City Service Unit in Rapid City, South Dakota. Both facilities are in the IHS Great Plains Area, which encompasses the states of North Dakota, South Dakota, Nebraska, and Iowa.

At this time, the IHS has not received any indication the information has been accessed or used by any unauthorized individuals. The folder was discovered a short time later and was immediately taken to security.

“The Indian Health Service is committed to safeguarding the privacy of its patients and deeply regrets this incident occurred,” reads part of a public announcement released by Indian Health Service released Friday, July 25, 2014.

“The Indian Health Service understands the importance of our patients’ personal information, and we take that responsibility very seriously,” stated Acting IHS Director Dr. Yvette Roubideaux in a press release also issued Friday.

In accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the IHS has notified the persons involved. In the letter sent to patients, they  were provided a phone number to call and offered one year of free credit monitoring and reporting services.

Rosebud Indian Health Service Unit

Rosebud Indian Health Service Unit

An investigation has been completed, and the incident has been referred to management for appropriate action to determine accountability in accordance with the HIPAA regulations. To prevent future occurrences, all Great Plains Area staff will receive additional training in current HIPAA privacy rules.

Patients who received the letter and who have any questions can contact the Great Plains Area HIPAA Coordinator Heather McClane at 605-226-7730, email:; or the IHS Headquarters HIPAA Coordinator Williams Tibbitts at 301-443-1116, email:

Print Friendly, PDF & Email
  1. Carol 4 years ago
  2. Chuck 4 years ago