Author Name Patrick Ouellette
While human error is unavoidable from time to time, what healthcare organizations do to minimize the impact of those mistakes with health data goes under the microscope when breaches occur. DENT Neurologic Institute of Amherst, NY recently experienced a data breach and hasn’t explained whaat (if any) email technical safeguards it had in place at the time, or how it plans on preventing this type of incident in the future.
A DENT office clerk inadvertently emailed 200 people an attachment with personal information of 10,200 patients. Because the organization had exposed that data without technical safeguards, it had to alert each of those patients to explain the data breach. The attachment contained information such as name, address, whether they were an active or former patient, last appointment, visit type, primary care physician, referring physician and email address. DENT called those 200 mistaken recipients on Monday night and asked them to erase the Excel spreadsheet that held the data and followed that with the letter to the 10,000 patients.
Though the data didn’t include medical conditions, birth dates or Social Security number, as PHIPrivacy.net said, it’s hard to argue that publicizing patients’ Neurologic appointments is a good thing for them.
Additionally, the Buffalo News reports that DENT had to deal with a similar breach recently, when instead of mailing letters to only Catholic Medical Partners physicians, it sent letters to all of the organization’s patients. DNI self-reported the incident to the New York Department of Health.
DENT released this statement in a press release Tuesday, according to WGRZ.com:
“We are very sorry this happened and we deeply apologize to all of our patients, referring physicians and WNY healthcare partners,” Fritz said. “Patient confidentiality is extremely important in our field and we take it very seriously and we will review how this accident happened so we can steps to minimize the possibilities it could ever happen again. This is an inexcusable event.”