Castro Valley Health inadvertently sends patient info to third-party website: 4 notes

San Ramon, Calif.-based Castro Valley Health, a home health care services provider, inadvertently sent patient information to a third party website, where it was published in a "heavily coded" manner.

Four things to know:

1. Castro Valley Health reported it transferred certain patient information from 2016-17 to a website called Docker Hub. It became aware of the incident on April 21 and had the information removed from the website.

2. The information was described as "heavily coded" and wasn't readable "without significant decoding," according to a news release from the company.

3. The information on the website included patient names, nurse names, names of the speech or physical therapist that admitted the patient and the address of the facility where patients received treatment. The information transferred also included birth dates, medical record numbers and the date care began.

4. Castro Valley Health launched an investigation of the incident and has not found evidence that anyone viewed the information other than the individual who reported the incident to HHS.

More articles on cybersecurity:
Lawsuit alleges health system maintained PHI 'in a reckless manner' ahead of breach
Ransomware attack affects 13,146 patients' info at Alaska surgical practice: 4 details
Kaiser terminates employee that inappropriately accessed 2,756 patients' records over 8 years

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers