"A data breach that escaped our attention until recently was reported to the HHS’ Office for Civil Rights on May 6, 2024, by Columbia University Irving Medical Center (CUIMC) as affecting 29,629 individuals.
NewYork-Presbyterian (NYP) and CUIMC were notified about the exposure of patient data on an Internet-accessible platform. The file was immediately removed from the platform and the investigation confirmed that a NYP/CUIMC employee inadvertently uploaded the file in August 2023 while performing quality-related data review activities.
The file contained patient lab data, including first name, last name, medical record number, date of birth, provider name, and a single laboratory test result. NYP/CUIMC said the lab result would not reveal diagnostic information about patients. The forensic investigation uncovered evidence on March 8, 2024, indicating the file had been accessed by unknown and unauthorized third parties between September 11, 2023, and March 7, 2024.
The nature of the exposed data does not put the affected individuals at risk of identity theft; however, NYP/CUIMC recommends that the affected patients monitor their statements from their health plans for irregularities. The affected individuals have already been notified and NYP/CUIMC is evaluating further security enhancements and will continue to educate the workforce regarding the correct handling of patient data."
https://www.hipaajournal.com/70000-adventist-health-tulare-patients-data-breach/
"A data breach that escaped our attention until recently was reported to the HHS’ Office for Civil Rights on May 6, 2024, by Columbia University Irving Medical Center (CUIMC) as affecting 29,629 individuals.
NewYork-Presbyterian (NYP) and CUIMC were notified about the exposure of patient data on an Internet-accessible platform. The file was immediately removed from the platform and the investigation confirmed that a NYP/CUIMC employee inadvertently uploaded the file in August 2023 while performing quality-related data review activities.
The file contained patient lab data, including first name, last name, medical record number, date of birth, provider name, and a single laboratory test result. NYP/CUIMC said the lab result would not reveal diagnostic information about patients. The forensic investigation uncovered evidence on March 8, 2024, indicating the file had been accessed by unknown and unauthorized third parties between September 11, 2023, and March 7, 2024.
The nature of the exposed data does not put the affected individuals at risk of identity theft; however, NYP/CUIMC recommends that the affected patients monitor their statements from their health plans for irregularities. The affected individuals have already been notified and NYP/CUIMC is evaluating further security enhancements and will continue to educate the workforce regarding the correct handling of patient data."