Data breach impacts nearly 900 hospital patients in SF

May 15, 2018

The personal information of nearly 900 San Francisco Department of Public Health patients was accessed without authorization in November and December, health officials said.

A former employee of Nuance Communications, a Massachusetts-based company contracted to provide medical transcription records, accessed personal information of 895 patients, health officials said.

The information was accessed from November 20 to December 9, and belonged to patients who visited the San Francisco Health Network, the Health Department’s system of hospitals and clients, according to health officials.

The information included name, date of birth, medical record number, patient number, and information dictated by the provider such as patient condition, assessment, diagnosis, treatment, care plan, and date of service, health officials said.

The information didn’t include Social Security numbers, driver’s license numbers, or financial account numbers.

The department waited to inform the patients until May 11 at the request of the FBI and the U.S. Department of Justice, according to health officials.

Health officials said the Justice Department informed Nuance that it does not appear that any of the information was sold or used for any purpose, and all the data has been recovered from the former employee.

San Francisco Examiner has the story

Sponsored Recommendations

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...

Spotlight on Artificial Intelligence

Unlock the potential of AI in our latest series. Discover how AI is revolutionizing clinical decision support, improving workflow efficiency, and transforming medical documentation...

Beyond the VPN: Zero Trust Access for a Healthcare Hybrid Work Environment

This whitepaper explores how a cloud-enabled zero trust architecture ensures secure, least privileged access to applications, meeting regulatory requirements and enhancing user...

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...