CaroMont Health Acknowledges Security Breach

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

North Carolina's CaroMont Health recently announced that 1,310 CaroMont Medical Group patients' personal health information was trasmitted by unsecure e-mail (h/t HealthITSecurity).

The security lapse was uncovered during a routine audit. "Upon discovery of this issue, CaroMont Health conducted a thorough investigation and determined that a staff member emailed the information as part of an approved patient care coordination process (which is an approved release of information under HIPAA) but failed to properly secure the email transmission in accordance with CaroMont’s secure email usage policy," CaroMont announced in a statement provided to NBC Charlotte.

The e-mail contained 1,310 patients' names, birthdates, addresses, phone numbers, medical record numbers, diagnoses, last dates of services, medications and insurance company names. Two patients' Medicare numbers were also included.

While there's no indication that the e-mail was accessed by anyone other than the intended recipient, CaroMont is notifying all those affected, and is re-training staff on the protection of patient information.