San Diego Hospital Data Breach Exposes Thousands
Posted in Data Breach on June 23, 2014
June 19, 2014 – Rady Children’s Hospital in San Diego, California, has announced that the confidential health information of more than 20,000 patients was disclosed and released to unauthorized third parties. The breach reportedly occurred on June 6, 2014, when an employee from Rady Children’s Hospital emailed a spreadsheet containing patient names, dates of birth, diagnoses, admit/discharge dates, medical record numbers, and insurance carrier and claim information for 14,121 underage patients to a handful of job applicants. The applicants subsequently forwarded the document to two other unauthorized individuals.
Rady Children’s Hospital allegedly conducted an internal investigation and hired an independent IT firm to ensure the data was properly removed from the recipient’s devices. During the investigation, Rady Children’s Hospital discovered a second breach when a different employee emailed the information of 6,307 patients that included names, discharge dates, locations they were seen, and account information such as payor names and balances.
According to Rady Children’s Hospital, a communication center staffed by hospital employees has been set up to call the families included in the breach.