Three details:
1. The health system sent out an email in late September without using the blind copy function, which meant recipients could see the email addresses of others who received an invitation to the event.
2. The error resulted in 1,062 patients’ email addresses and health information being shared.
3. General medical records, Social Security numbers or other patient information was not included in the information emailed.
More articles on cybersecurity:
4 healthcare organizations that paid $1M+ this year to settle HIPAA violations
South Carolina hospital billing error mixed up addresses for 12,636 patients
Ohio hospital reopens inpatient unit 3 weeks after cyberattack; system still not fully online
