Ashtabula (Ohio) County Medical Center, a Cleveland Clinic affiliate, reported a data breach after posting an Excel spreadsheet on its website that included protected health information.
The hospital posted the spreadsheet on Jan. 6 to comply with government requirements about medical cost disclosures. However, on March 12 the hospital realized the spreadsheet contained PHI of select patients, including the patients' names, diagnoses, health history and treatment history.
The hospital notified 3,683 patients that their information had been exposed on April 28. The health system is not aware of any information being misused as a result of the incident.
More articles on cybersecurity:
Healthcare Resource Group alerts New York med center patients of records breach
Nebraska Medical Center employee wrongly accessed EHR, affecting 1,311 patients
7 hospitals whose employees wrongfully viewed patient records