Patient information inadvertently shared included lab results, imaging results and appointment scheduling. No Social Security numbers were disclosed.
The incident occurred Feb. 13 and remained undetected until Feb. 16. The VHA uses an app, powered by Xerox software, that converts patients’ EHR information into letters. However, the letters sent to some VA patients contained personal information belonging to other patients.
The VHA is mailing out corrected letters to all affected patients and is in the process of reviewing its quality control measures.
More articles on cybersecurity:
Kentucky hospital hit with IT disturbance, experiences EHR downtime
Humana notifies 500+ Texas members about security breach
University Hospitals’ employee accidentally exposes over 800 patients’ health information
