Washington University School of Medicine notifies patients of data breach

Mackenzie Garrity - Print  | 

A limited number of patients within Washington University School of Medicine's ophthalmology and visual sciences department may have had their information viewed by an unauthorized person.

In September, officials at the St. Louis-based university learned that patients had received an unusual letter regarding an ophthalmology department employee. After an internal investigation, officials determined that an unauthorized individual had gained access to the employee's email account through his or her personal laptop.

The unauthorized person had access to the email account between April 29 and Sept. 3. Since discovering the breach, Washington University School of Medicine officials have secured the employee's email account.

Patient data that may have been exposed included names, dates of birth, medical record numbers and limited treatment and/or clinical information, such as diagnoses, provider names and prescription information. A limited number of patients may have also had their health insurance information and Social Security numbers exposed.

The university concluded the investigation Oct. 21 and put a notice on its website about the incident Nov. 1. There is no evidence that patients' information has been misused.

"We regret any concern or inconvenience this incident may cause. We remain committed to protecting the confidentiality and security of our patients' information. To help prevent something like this from happening in the future, we have reinforced education with our staff on best practices for passwords and are making additional security enhancements," the university said in a statement.

Copyright © 2021 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.