Error in faxing causes united health care breach

March 2nd, 2014 by admin Leave a reply »

 

A Portland, Oregon man received erroneous faxes containing Protected health Information (PHI) from Community Memorial Hospital patients. Patient info was sent to the wrong recipient, Stephen Butler’s.

Fax included information of patient names, dates of birth, patient ID numbers, admission dates, and discharge dates. Butler called the hospital to inform them about the error after tracing the number to Community Memorial Hospital in Menomonee Falls, Wisconsin.

Investigation revealed that breach was caused by United Healthcare. Butler initially contacted one of the patients of the hospital. Froedtert Health, which runs Community Memorial Hospital, was alerted of the breach through a patient.

“She took my name and number, said she was very thankful that I called her, and she said she was going to talk to the hospital administration immediately,” Butler said referring to the patient. Butler claims he called the hospital a half dozen times over the past year and told them to stop sending faxes. But faxes were sent erroneously even after repeated requests. He finally started calling the patients and media after which faxes stopped.

United representative issued a statement, “We were alerted by Froedtert Health about this issue earlier today, and we are working closely with them to investigate and determine the facts. We take very seriously the privacy and personal information of our members.” It was not able to determine whether breach was a result of human error or a glitch in the system.

Alertsec strengthens security

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta

Leave a Reply