Radiology files with protected health information created for research at Yale New Haven (Conn.) Hospital were accidentally posted to the hospital's public website for four months, the hospital revealed June 17.
Three details:
1. Yale New Haven Hospital discovered a web file containing name, phone numbers, email and service information was accessible through its website Dec. 16 to April 18 due to human error.
2. The hospital removed the file from its website and engaged a third-party firm to investigate the incident.
3. Yale reviewed security permissions for its internet facing systems and plans to provide additional employee training to prevent a similar incident from happening again. The hospital is also enhancing technical safeguards around patient information.