On Feb. 3, an employee inadvertently sent an email to the wrong address. The email contained an attachment that contained information for those patients who had visited the health system since June 1, 2019. Affected patients were treated at The Queens Medical Center and Queen’s North Hawaii Community Hospital.
Patient data that may have been exposed included names, account numbers, health plan identification numbers, admission dates, discharge dates and other information. For 300 patients, information about their diagnosis may have also been affected.
No Social Security numbers or financial information was included in the email. After discovering the error, the health system took steps to contact the person who received the email and recall the message.
The Queen’s Health System said there is no evidence that patient information has been misused.
More articles on cybersecurity:
Texas provider alerts 6,500 patients of phishing attack
Connecticut payer alerts 1,100 members of phishing attack
10 tips for hospitals to mitigate ransomware attacks
