Avir at Rose Trail: Patient Records Exposed Publicly - TX
Federal inspectors found the protected health information on December 31, 2025, displayed in the foyer of Avir at Rose Trail. The public survey binder contained care plans for four residents, including their Social Security numbers, health diagnoses, and treatment details. A diabetic patient with nerve damage was among those whose private medical information was exposed.
The binder also held a facility report from July 2025 that revealed names, Social Security numbers, Medicaid and Medicare numbers, and health diagnoses for two additional residents. Inspectors discovered a resident identifier sheet listing names matched with numbered identifiers, along with survey documents containing more protected information.
During questioning, the administrator acknowledged the violation immediately. She explained that survey binders were kept in the lobby "for anyone who was interested to see what tags were written at the facility and the facility's accepted plan of correction." Only regulatory citations and correction plans belonged in public view.
"A resident's care plan should not have been in the binder as that was protected health information with diagnoses, treatment and other personal information that should not have been readily available to the public," she told inspectors.
The administrator couldn't explain how the sensitive documents ended up in public display. She acknowledged that the facility report containing Social Security numbers and Medicare information also violated privacy rules. "It was her and all staff's responsibility to ensure that PHI was protected from any unauthorized people," according to the inspection report.
Nobody could identify who placed the confidential records in the public binder.
The Director of Nursing, who had held his position for only a couple of weeks, confirmed that protected health information was never meant for public access. He emphasized that residents "had a right to privacy" and promised additional staff training to prevent future violations.
"He stated all staff were trained to protect this information in their new hire training as well as frequent refresher in-services throughout the year," inspectors documented.
The Assistant Director of Nursing explained the serious risks of the exposure during her interview. She noted that the leaked information could be used "to exploit the resident, such as their name, DOB, SSN, and health diagnoses." She confirmed that staff received initial training on protecting health information during onboarding and regular reminders through in-service sessions.
The assistant director recognized the legal implications, stating that "disclosure of this information would be a violation if HIPAA."
Federal privacy laws strictly limit access to medical records. The facility's own HIPAA policy, dated April 2025, explicitly states that "All patient, personnel, and financial information are considered privileged and confidential." The policy restricts access to "qualified, designated personnel" and requires "proper authorization" for any disclosure.
The policy promises residents that "your personal medical information will be maintained as confidential unless you allow the release of the information."
Yet anyone walking into the facility's lobby could examine detailed medical information about six residents, including a elderly diabetic woman whose nerve damage diagnosis was clearly documented in her care plan.
The exposure included some of the most sensitive personal identifiers possible. Social Security numbers can enable identity theft, while Medicare and Medicaid numbers provide access to government benefits. Combined with names, birth dates, and detailed health conditions, the leaked information created comprehensive profiles that could be exploited in multiple ways.
The facility maintains that staff receive extensive privacy training. New employees learn about protecting health information during orientation, and existing staff attend regular refresher sessions throughout the year. Despite this training, confidential records ended up in a public display where visitors, family members, and delivery personnel could freely examine them.
The violation affected residents across different areas of care. Beyond the diabetic patient with neuropathy, the exposed records revealed diagnoses and treatments for five other individuals who trusted the facility to safeguard their most private medical details.
Federal inspectors classified the violation as causing "minimal harm or potential for actual harm" to "some" residents. The exposure lasted an unknown period before discovery during the December 31 complaint investigation.
The administrator's inability to identify who placed the records in the public binder suggests gaps in oversight of sensitive documents. Multiple staff members had access to the lobby area and the survey binder, but no system existed to prevent confidential materials from being displayed publicly.
Six residents' most private medical information sat in a lobby binder, available to anyone curious enough to look, while facility leaders trained staff on the importance of protecting the very information they had inadvertently made public.
Full Inspection Report
The details above represent a summary of key findings. View the complete inspection report for Avir At Rose Trail from 2026-01-02 including all violations, facility responses, and corrective action plans.
Additional Resources
Data source: Official federal inspection data from the Centers for Medicare & Medicaid Services (CMS).
Editorial process: AI-synthesized regulatory data, reviewed for accuracy by our editorial team.
Professional review: All content reviewed by Christopher F. Nesbitt, Sr., NH EMT & BU-trained Paralegal.
Last verified: June 20, 2026 · Our methodology
Avir at Rose Trail in TYLER, TX was cited for violations during a health inspection on January 2, 2026.
Federal inspectors found the protected health information on December 31, 2025, displayed in the foyer of Avir at Rose Trail.
Health inspections identify deficiencies that facilities must correct. Violations range from minor documentation issues to serious safety concerns. Review the full report below for specific details and facility response.