The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Superior Dental Care Patients Informed of PHI Exposure Due to Email Account Breach

Posted By on Mar 26, 2019

The Centerville, Ohio dental insurance carrier, Superior Dental Care, has discovered an unauthorized individual has gained access to an employee’s email account and potentially viewed the protected health information of certain members.

The email account breach was detected on January 23, 2019 following the identification of suspicious activity within the employee’s email account. The password for the account was immediately changed and further unauthorized access was prevented.

A third-party computer forensics firm was called in to assist with the investigation and determine the nature and scope of the breach.

On February 11, 2019, Superior Dental Care learned that the account had been accessed by an unidentified third party and unauthorized access to the email account was first gained on December 21, 2018.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

The email account contained information such as names, addresses, Social Security numbers, medical information, and payment information related to dental services received.

All individuals affected by the breach have now been notified by mail and the breach has been reported to appropriate authorities.

Processes have already been implemented to strengthen system security and Superior Dental Care will continue to work with third-party security experts to better protect members’ personal information.

The Department of Health and Human Services’ Office for Civil Rights breach portal indicates 38,260 patients were affected by the breach.

L.A. Care Health Plan Alerts Members to PHI Exposure Due to Mailing Error

L.A. Care Health Plan is alerting some of its members to a privacy breach that saw members’ protected health information accidentally disclosed to other members.

A system error resulted in L.A. Care member ID cards being mismatched and sent to incorrect plan members. In some cases, members received their correct ID card along with the ID cards of other members in the same envelope.

The system error occurred on June 1, 2018 and affected ID card mailings up until January 30, 2019.

The protected health information that was accidentally disclosed was limited to name, phone number, member ID number, medical group name, PCP/Clinic name, and health plan name.

L.A. Care Health Plan has since updated its processes and procedures to reduce the risk of a similar incident occurring in the future.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist