Sonoma Valley Hospital Acknowledges Security Breach
The names, dates of service and procedures for 1,350 surgery patients were mistakenly made available online.
The Sonoma Valley Sun reports that California's Sonoma Valley Hospital recently announced that it had notified 1,350 surgery patients that their personal information had mistakenly been posted on its public Web site (h/t HealthITSecurity).
The leaked data included the names, dates of service, procedures, surgeons, hospital charges and insurance companies of patients who were hospitalized for surgery between July 1, 2011 and June 30, 2012. The hospital says no other data was exposed.
Hospital CFO and compliance officer Richard Reid told the Sun that the breach, which occurred on February 14, 2013, was the result of an employee accidentally uploading the patients' information as part of a routine site update. The mistake wasn't discovered until more than two months later, on April 17, 2013.
"We have apologized to the patients involved for our error and assured them that we have taken action to understand the cause of the breach and strengthen policies and controls protecting patient information," Reid told the Sun. "We take patient privacy very seriously at Sonoma Valley Hospital and we are deeply sorry for any discomfort that this may have caused our patients."