Administrative error exposes personal data of 10,200 neurology patients

Share this article:

A New York State medical practice mistakenly emailed the personal information of several thousand patients to other individuals it was treating.

How many victims? 10,200.

What type of personal information? Names, email and home addresses, appointment dates, and the names of doctors treating individuals.  

What happened? While sending a routine email to 200 patients on Monday, a clerk at Amherst, N.Y.-based Dent Neurologic Institute (DNI) mistakenly attached an Excel spreadsheet containing the sensitive information.

What was the response? The facility said it had contacted all 200 of the emailed patients by Tuesday afternoon, requesting that they delete the email.

DNI notified the New York Department of Health about the incident and said it would send notification letters, including an apology, to victims. The practice also provided a number for patients to call with questions.

Details: According to DNI, no Social Security numbers, birth dates or specific information about patients' medical conditions were included in the email attachment.

Quote: “Patient confidentiality is extremely important in our field, and we take it very seriously, and we will review how this accident happened so we can take steps to minimize the possibilities it could ever happen again,” said Dent CEO Joseph Fritz. “This is an inexcusable event.”

Source: www.buffalonews.com, The Buffalo News, Mass email by Dent Neurologic inadvertently breaches privacy of 10,200 patients,” May 14, 2013.

Share this article:
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Programming error results in CVS Caremark mailing blunder

About 350 CVS Caremark customers are being notified that a programming error resulted in mailers containing their personal information being sent to the wrong customers.

Seattle University donor checks possibly exposed due to settings error

Seattle University is notifying an undisclosed number of donors that anyone with a Seattle University computer account could have viewed scanned checks.

Laptop stolen from Self Regional Healthcare contained patient data

As least 500 patients of Self Regional Healthcare have been notified that their personal information was on a laptop stolen from a Self Regional facility.