California hospital patients' PHI accidentally posted online for more than 1 year
Becker's Health IT
Modesto, Calif.-based Doctors Medical Center began notifying patients that a former vendor made patients' protected health information publicly accessible online since 2019.
The hospital learned of the data breach on April 2 after its virtual waiting room vendor, Medifies, had a misconfigured software update that made patients' PHI public, an April 23 notification letter said.
Upon discovering the breach, the hospital contacted Medifies to remove the information that same day and launched an investigation. Medifies retained a third-party forensic firm to investigate the breach. The investigation determined the software update that made patients' information public occurred in December 2019 — almost a year and a half before...