Dignity Health Reports Email Data Breach Incident Affecting 56,000 Patients

June 8, 2018
San Francisco-based Dignity Health, and one of its business associates, reported an unauthorized access/disclosure incident impacting the medical records of 55,900 patients.

San Francisco-based Dignity Health, and one of its business associates, reported an unauthorized access/disclosure incident impacting the medical records of 55,900 patients.

According to the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) breach portal, which contains information about data breaches impacting more than 500 patients, Dignity Health reported the incident on May 31 and categorized the incident as “unauthorized access/disclosure” involving and affecting 55,947 patients.

Dignity Health officials sent a statement to Healthcare Informatics, dated June 4, regarding the data breach incident. “On April 24, 2018, Dignity Health, including its affiliates Dignity Health Medical Group Nevada, LLC, and Dignity Health Medical Foundation, discovered that an email list formatted by Healthgrades, one of its business associates, contained a sorting error. This error resulted in Dignity Health inadvertently sending misaddressed emails to a group of patients, informing them of a new online appointment scheduling tool. Immediately upon learning of the incident on April 25, Dignity Health and Healthgrades launched a comprehensive investigation.

Dignity Health and Healthgrades have taken immediate steps to notify the affected patients, the organizations stated. Dignity Health and Healthgrades investigated and corrected the problem and the companies are putting appropriate steps in place so that it will not happen again.

“Each misdirected email was sent to only one person. The emails contained the wrong patient’s name and, in some cases, his or her physician’s name. No other information was included in the email. Importantly, there was no financial, insurance, or medical information included,” the statement read.

“All of us at Dignity Health and Healthgrades take our responsibility to protect patients’ personal and medical information very seriously. We sincerely regret that this error happened and any concern or confusion it may have caused,” the organizations wrote in the statement.

Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?