Email Security Breaches Reported by Arkansas Otolaryngology Center and Centerstone of Indiana

HIPAA Journal

Steve Alder

Little Rock, AR-based Arkansas Otolaryngology Center is alerting 12,000 patients about an email security breach discovered on July 17, 2020. An unauthorized individual was discovered to have gained access to the email account of an employee and was using the account to send unauthorized messages.

Assisted by a third-party computer forensics company, Arkansas Otolaryngology Center determined that four email accounts had been compromised between July 17, 2020 and July 27, 2020. It was not possible to determine whether any emails in the accounts had been subjected to unauthorized access during the time the accounts were accessible.

A review of emails and email attachments in the compromised accounts revealed they contained the following types of protected health information: names, dates of birth, medical record numbers, Social Security numbers, diagnoses, doctors’ names, driver’s license numbers, state identification card numbers, insurance group numbers, treatment locations, and treatment or procedure types or codes. A limited number of individuals also...

Get the Morning Update

Thanks for subscribing!