Owner of closed Caney nursing home fined for failing to protect records
Violations of the Wayne Owen Act in 2017
COFFEYVILLE, Kan. (Kansas Attorney General’s Office) – The owner of a closed Caney nursing home has been fined for failing to protect patient and employee records, Kansas Attorney General Derek Schmidt said.
James R. Laidler of Pittsburg, owner of Caney Guest Home, Inc., agreed Monday to pay $150,000 in civil penalties, plus $6,379.28 in investigative fees and expenses for violations of the Wayne Owen Act, which is part of the Kansas Consumer Protection Act. The consent judgment, which was approved Monday by District Judge Jeffrey Gossard of Montgomery County, also requires Caney Guest Home, Inc., to submit a plan for the secure destruction of the documents within 60 days. Gossard suspended $100,000 of the penalties on condition of compliance with the judgment. (Read full judgement)
Schmidt filed the lawsuit in December 2017 after Caney Nursing Center, previously operated by Caney Guest Home, Inc., closed earlier in February 2017. Schmidt alleged that the defendants knew there were unsecured patient and employee records contained in the building. The former nursing home had been burglarized, left unsecured and had been trespassed upon, which exposed the personal information on the records to potential disclosure. Despite this knowledge, the defendants failed to secure or properly dispose of the patient and employee records as required by law.
The lawsuit stated that as holders of personal information, defendants are subject to the requirements of the Wayne Owen Act, which is part of the Kansas Consumer Protection Act. The lawsuit alleged the defendants failed to comply with those requirements by failing to implement and maintain reasonable procedures and practices to protect personal information, and by failing to take reasonable steps to destroy or arrange for the secure destruction of records containing personal information when the records no longer are to be used.
“Personal information” includes information such as a social security number, driver’s license number, financial account number or credit or debit card number that can be misused to commit identity theft or otherwise harm the person whose information is compromised. It also includes any information, such as medical records, for which a security obligation is imposed by federal or state statute. Under Kansas law, businesses that collect the personal information of others have a duty to safeguard it.
A copy of the judgment can be found at www.InYourCornerKansas.org/judgments.