Share this article on:
An email error by an employee of Campbell County Health (CCH) has resulted in the impermissible disclosure of the protected health information of 900 individuals. The Gillette, WY-based health system discovered on February 5, 2021 that an employee sent an email to a patient and attached an incorrect file.
The file contained patient names, account numbers, and their type of insurance. The email error was discovered within an hour of the email being sent and the recipient was immediately contacted and was told to securely delete the attachment. CCH officials provided instructions on how to ensure that the file was permanently deleted from the email account and all devices, and CCH has received satisfactory assurances that the file has now been permanently deleted and no further disclosures were made.
Affected individuals have been notified about the incident and internal policies are being revised to prevent similar incidents in the future. CCH has also provided further training to employees on best practices for protecting patient data.
UT Southwestern Medical Center Alerts Patients About Impermissible PHI Disclosure
UT Southwestern Medical Center in Dallas, TX is notifying 3,640 patients about an inappropriate disclosure of their names and email addresses to a third-party vendor. The information was shared with the third-party vendor in order to send invitations to a Kidney Cancer Program event. No other information was disclosed. All affected patients had previously received medical services through the UTSW Kidney Cancer Program.
The information was not further disclosed or compromised, but the sharing of the patient information was not permitted under HIPAA, hence the need to notify patients. UTSW Medical Center said, “UT Southwestern considers the protection of our patients’ privacy of utmost importance, and we deeply regret the occurrence of this incident and any worry, distress, or difficulty that it may cause.”