Dignity Health Reports Email Data Breach Incident Affecting 56,000 Patients

June 8, 2018
San Francisco-based Dignity Health, and one of its business associates, reported an unauthorized access/disclosure incident impacting the medical records of 55,900 patients.

San Francisco-based Dignity Health, and one of its business associates, reported an unauthorized access/disclosure incident impacting the medical records of 55,900 patients.

According to the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) breach portal, which contains information about data breaches impacting more than 500 patients, Dignity Health reported the incident on May 31 and categorized the incident as “unauthorized access/disclosure” involving and affecting 55,947 patients.

Dignity Health officials sent a statement to Healthcare Informatics, dated June 4, regarding the data breach incident. “On April 24, 2018, Dignity Health, including its affiliates Dignity Health Medical Group Nevada, LLC, and Dignity Health Medical Foundation, discovered that an email list formatted by Healthgrades, one of its business associates, contained a sorting error. This error resulted in Dignity Health inadvertently sending misaddressed emails to a group of patients, informing them of a new online appointment scheduling tool. Immediately upon learning of the incident on April 25, Dignity Health and Healthgrades launched a comprehensive investigation.

Dignity Health and Healthgrades have taken immediate steps to notify the affected patients, the organizations stated. Dignity Health and Healthgrades investigated and corrected the problem and the companies are putting appropriate steps in place so that it will not happen again.

“Each misdirected email was sent to only one person. The emails contained the wrong patient’s name and, in some cases, his or her physician’s name. No other information was included in the email. Importantly, there was no financial, insurance, or medical information included,” the statement read.

“All of us at Dignity Health and Healthgrades take our responsibility to protect patients’ personal and medical information very seriously. We sincerely regret that this error happened and any concern or confusion it may have caused,” the organizations wrote in the statement.

Sponsored Recommendations

Cloud Communications: Connecting Care at the Core

Cloud communications is the present, the recent past, and the future of collaborative healthcare.

The Ultimate HIPAA Security Guide for Cloud Communications

The healthcare industry is leading the charge in innovation, embracing cutting-edge technologies to enhance patient care and optimize operations. Forward-thinking organizations...

Improving Workplace Safety and Patient Care in Behavioral Health

In 2023, Vail Health enhanced safety in their behavioral health clinic, but the impact went beyond their expectations. Read their case study to see how prioritizing workplace ...

Transforming Hospital Capacity Through Smarter Patient Progression Strategies

Helping patients move seamlessly through every stage of their care, from admission to discharge, is critical to ensuring patient safety, improving outcomes, and optimizing capacity...