Administrative error exposes personal data of 10,200 neurology patients

Share this article:

A New York State medical practice mistakenly emailed the personal information of several thousand patients to other individuals it was treating.

How many victims? 10,200.

What type of personal information? Names, email and home addresses, appointment dates, and the names of doctors treating individuals.  

What happened? While sending a routine email to 200 patients on Monday, a clerk at Amherst, N.Y.-based Dent Neurologic Institute (DNI) mistakenly attached an Excel spreadsheet containing the sensitive information.

What was the response? The facility said it had contacted all 200 of the emailed patients by Tuesday afternoon, requesting that they delete the email.

DNI notified the New York Department of Health about the incident and said it would send notification letters, including an apology, to victims. The practice also provided a number for patients to call with questions.

Details: According to DNI, no Social Security numbers, birth dates or specific information about patients' medical conditions were included in the email attachment.

Quote: “Patient confidentiality is extremely important in our field, and we take it very seriously, and we will review how this accident happened so we can take steps to minimize the possibilities it could ever happen again,” said Dent CEO Joseph Fritz. “This is an inexcusable event.”

Source: www.buffalonews.com, The Buffalo News, Mass email by Dent Neurologic inadvertently breaches privacy of 10,200 patients,” May 14, 2013.

Share this article:
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan

About 1,700 people in the Dominion Resources employee wellness program have been notified that their data was accessed in a breach.

Document posted to California city website, employee data accessed

In California, a document posted to the City of Encinitas website contained data on hundreds of current and former city staffers.