Wyoming health department employee accidentally posts 164,000+ individuals' PHI online

The Wyoming Department of Health began notifying more than 164,000 people this week that their protected health information had been exposed and uploaded online by an employee.

Six things to know:

1. The department on March 10 discovered that a WDH Public Health Division employee mistakenly uploaded 53 files containing COVID-19 and flu test result data to private and public data repositories on servers belonging to GitHub.com.

2. The incident did not result from a compromise of GitHub or its systems, according to the health department's April 27 online notice.

3. The files that were inappropriately uploaded to GitHub contained protected health information of 164,021 Wyoming residents; the data was exposed as early as Nov. 5, according to the department.

4. The exposed health information included COVID-19 test results, names, patient IDs, addresses, birth dates and service dates. The affected files did not contain Social Security numbers, banking or financial information.

5. The PHI was also unintentionally disclosed, which means it was made available to unauthorized individuals to receive it on GitHub's public website as early as Jan. 8.

6. The health department is offering affected individuals one year of free identity theft protection services as a result of the breach.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars