The group discovered Aug. 27 that an email invitation was sent to patients without using the blind carbon copy function. This caused patients’ email addresses to be visible to all recipients. The email contained patients’ email addresses and information to attend an educational event. No financial information, Social Security numbers or clinical information was in the email.
Since the incident, SCCA is evaluating its systems and processes.
“SCCA is committed to providing quality care while protecting our patients’ personal information. SCCA has no evidence that this information was misused, and we sincerely regret any concern or inconvenience this mistake may have caused our patients,” the group said in a statement.
More articles on cybersecurity:
DeepThink Health, VScript left thousands of patients’ info exposed online
Hackers try to divert payments to telemedicine company into fraudulent bank accounts
Texas lab alerts 16,000 patients of data breach
