South Texas Health System began notifying 6,761 patients their data had been exposed because an employee emailed their emergency department visit information to an unknown recipient.
An employee emails a monthly report identifying all of the patients who have been discharged from the system's emergency departments. On April 7, the employee sent an email attaching the November 2020 report to an unknown person, a news release said.
Three details:
- The Edinburg, Texas-based health system discovered the breach on April 8. Shortly after, it tried to contact the recipient, but they have not responded. The health system is unable to identify who the unintended recipient of the email is and is unaware of what they did with the email.
- The report contained the patients' full names, data on where patients were discharged to, and the date and time they were discharged from the hospital. No Social Security numbers or financial information was exposed.
- On June 7, the health system began notifying the affected patients. It is taking steps to improve safeguards to prevent a recurrence, the release said.