Email Breach Incidents at South Texas Health System and Atricure

South Texas Health System has advised 6,761 regarding their protected health information (PHI) that had been accidentally disclosed. South Texas Health System gives discharge information right after patients get health care care in its healthcare facilities. Part of that practice entails a staff member making and sending a monthly statement that lists patients who were discharged from the emergency departments of the hospital.

South Texas Health System learned on April 8, 2021 that an email having an included November 2020 report was routed to the incorrect email recipient on April 7. Steps were undertaken to attempt to determine the individual and get the email deleted, however that particular person continues to be not known and it is not clear if the message was opened, read, or erased.

The file attachment had a record of patients released from its hospital emergency sections in November 2020 and enclosed names, date and time of release, internal hospital visit numbers, whether or not discharge instructions were furnished, and details concerning where the patients had been discharged.

The nature of the information in the document makes it improbable for patients to experience problems; nonetheless, as a preventative measure, those persons were given complimentary one-year membership to an Internet surveillance and an identity theft restoration service.

Atricure Group Health Plan Members Affected by Email Data Breach

Atricure in Ohio found out that an unauthorized person got access to the email account of a staff for a brief time period on March 8, 2021. Upon discovery, Atricure quickly secured the account and hired a third-party cybersecurity company to help look into the occurrence. The breach was affirmed as having an effect on just one email account, nevertheless it wasn’t possible to ascertain whether any emails or file attachments were accessed.

An evaluation of all email messages and attachments in the account was accomplished on April 7, 2021 and showed that they comprised certain sensitive data of personnel, beneficiaries and dependents pertaining to the Atricure Group Health Plan. A totol of 2,487 people were impacted by the breach.

The types of details likely exposed included names, dates of birth, addresses, Social Security numbers, clinical data, medical insurance claims data and financial account details. Impacted persons were given free credit monitoring, fraud consult, and identity theft restoration services. Atricure has furthermore upgraded its security practices and has re-trained staff regarding email security.

Elizabeth Hernandez

Elizabeth Hernandez is the editor of HIPAA News section of HIPAA Coach and an experienced journalist in the healthcare sector. She specializes in healthcare and HIPAA compliance, making her a go-to source for information on healthcare regulations. Her work focuses on the importance of patient privacy and secure information handling. Elizabeth also has a postgraduate degree in journalism. Follow on Twitter: You can follow Elizabeth on twitter at https://twitter.com/ElizabethHzone