25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Medical Records of Western Connecticut Health Network Patients Exposed

Posted By on Aug 22, 2019

Nuvance Health has started notifying certain Western Connecticut Health Network (WCHN) patients that some of their protected health information has been exposed.

On June 11, 2019, WCHN sent a box of medical records to the Connecticut State Department of Public Health. The package was sent via the U.S. Postal Service (USPS), but the package was damaged in transit, exposing the contents of the package.

WCHN was notified and retrieved the damaged package from the USPS. A spokesperson for WCHN said there was no indication that any information had been removed and misused and that the package did not appear to have left the custody of the USPS until it was collected by WCHN personnel.

WCHN has now changed its procedures for sending protected health information to ensure similar incidents are prevented in the future. Patients were notified on August 19, 2019.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

The types of information in the records was limited to names, addresses, dates of birth, provider names, medical record numbers, diagnosis dates, diagnoses, and medical test results. The HHS’ Office for Civil Rights breach portal indicates 1,293 patients have been affected by the breach.

4,000 Arizona State University Students Notified of Impermissible PHI Disclosure

Arizona State University (ASU) is notifying approximately 4,000 students that their email addresses, and in some cases their name, have been impermissibly disclosed as a result of a recent mailing error.

The students were sent emails in late July about renewing their health insurance. The email addresses should have been hidden but were visible to other students who were sent the mailing.

When the error was discovered, ASU deleted 2,540 of the messages and said 1,130 messages had not been read.

ASU is reviewing its policies and procedures and will take steps to prevent incidents such as this from happening in the future.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist