An e-mail breach compromised protected health information for 1,800 patients at St. Vincent Indianapolis Hospital in Indiana.

The facility in recent days briefly posted notice of the breach on its Web site and sent notification letters to affected patients.

"Regrettably, on November 15, 2010, St. Vincent Indianapolis learned that on November 12, 2010, some St. Vincent Indianapolis employees unintentionally revealed their email login information to third parties," according to the notice. "This incident allowed third parties to access certain email accounts within St. Vincent Indianapolis. These email accounts contained protected health information, including individual names, dates of service and certain clinical and diagnostic information, of approximately 1,800 patients treated at St. Vincent Indianapolis."

According to the Indianapolis Star, a hacker claiming to work within the hospital persuaded some employees to share their e-mail log-in information. The hacker did not have access to electronic health records systems, but had access to e-mail that clinicians exchanged.

A hospital spokesperson did not respond to a message asking for more information.

--Joseph Goedert

 

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access