On April 3, 2017, the Cook County Health & Hospitals System’s (CCHHS) Office of Corporate Compliance was notified that a patient list from Stroger Hospital’s Neonatal Intensive Care Unit (NICU) was missing. The list contained information of patients who were in the NICU between 2010 and 2015, including patient name, mother’s name, medical record number, birthdate, birth time, birth weight, race, sex, and discharge date and time. The list was in a box that was misplaced during a move. After the move, staff could not locate the list, but believe it was likely put in the garbage and destroyed. Misplacing a list with Protected Health Information (PHI) is a privacy breach and requires formal notification.

The Cook County Health & Hospitals System (CCHHS) takes patient privacy extremely seriously. We know patients trust us to keep information private and we have a duty to keep that trust through our actions.

Since this happened CCHHS is making every effort to make sure this does not happen again. These efforts include:
• Conducting a root cause analysis to prevent another event like this in the future
• Teaching the staff involved in this event about the proper storage of PHI
• Retraining all staff on patient privacy

Patients with questions may call the CCHHS Compliance Hotline at 1-877-476-1873 (8 a.m. to 5 p.m. Monday through Friday), e-mail the CCHHS Compliance Program at privacy@cookcountyhhs.org or contact Cathy Bodnar, CCHHS Chief Compliance and Privacy Officer at 1900 West Polk, Suite 123, Chicago, IL 60612.