In September, a privacy breach was discovered by Trinity Grove staff. Trinity Grove attempted to notify affected individuals by mail on or about November 12, 2024. Some notifications were returned, or could not be mailed out, due to outdated or unknown addresses.
Trinity Grove discovered that certain staff had been using an unapproved application on their mobile devices to communicate non-critical personal health information of residents. While the application used encryption technology to encrypt all communications, the application was not fully HIPAA compliant. Trinity Grove immediately acted by having all involved staff cease the use of this application, electronically delete all communications, and delete the application from their mobile devices. Staff were re-educated on HIPAA compliant communications and Trinity Grove’s policy against the use of unapproved software applications.
We have no evidence that this information was accessed by a third party and no personal financial information was shared through the application. Our investigation revealed that the involved staff communicated with each other regarding residents’ names, transfers/discharges, conditions, test results, admissions, rooms, orders, outings, care plans, vaccination status, and treatments.
Trinity Grove remains dedicated to protecting the sensitive information under its control, and we will continue to take the appropriate steps necessary to safeguard information.
If you have any questions or need additional information, please do not hesitate to contact Ed Parrish, Administrator – Trinity Grove at eparrish@trinitygrove.net or (910)442-3001.