North Carolina DHHS sends unencrypted email containing 6k employee applicants' drug screening data to vendor

The North Carolina Department of Health and Human Services mailed letters to nearly 6,000 people who underwent routine drug screening for employment, intern and volunteer opportunities at its agency, notifying them of a recent incident in which a spreadsheet containing their personal information was sent in error to a vendor via an unencrypted email.

Upon learning of the breach Sept. 27, DHHS launched an investigation and coordinated efforts with the vendor to secure and delete the information — which included names, social security numbers and test results of applicants for particular positions within DHHS — in the spreadsheet. An individual's inclusion in the spreadsheet only indicates that they sought an employment, intern or volunteer opportunity at DHHS within the affected time period, which the agency did not disclose in its news release.

Although DHHS cannot determine whether or not the email had been intercepted during transmission, the agency believes risk of misuse of the personal information is low.

DHHS advises affected individuals put an alert on their credit files and monitor bank statements and credit card bills for unusual activity.

Editor's Note: Becker's Hospital Review has reached out to North Carolina Department of Health and Human Services for comment. This story will be updated as more information becomes available.

More articles on cybersecurity: 

IBM hits quantum computing milestone
AMA, Harvard Health Publishing 'pause' partnerships with Outcome Health
NIH taps 14 medical societies, community groups to recruit 'All of Us' participants

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Webinars

Featured Whitepapers