DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Mass email by Dent Neurologic inadvertently breaches privacy of 10,200 patients

Posted on May 15, 2013 by Dissent

Melinda Miller and Stephen Watson report:

Confidential information about more than 10,200 patients of Dent Neurologic Institute was inadvertently sent to more than 200 patients Monday in an email attachment.

The personal information – including patients’ names and home addresses, their doctors’ names, last appointment dates and their email addresses – was contained on an Excel patient spreadsheet.

The data does not include specific information about the patients’ medical conditions, birth dates or Social Security numbers, according to Dent, which attributed the privacy breach to “human error.”

Read more on Buffalo News.  WGRZ also covers the breach.

A substitute notice on DNI’s web site says:

PRESS RELEASE

Clerical Error Results in Mistaken Distribution of List by Dent Neurologic InstituteMay 14, 2013

The Dent Neurologic Institute (DNI) today disclosed that a clerical error yesterday (May 13, 2013) afternoon resulted in the accidental e-mail distribution of a list containing names and non-clinical information to approximately 200 Dent patients. The list did not contain any medical diagnoses, social security numbers, financial information, date of birth or contact phone numbers.  This list is soley used for the purpose of practice updates and educational events and to inform patients and referring physicians.

According to DNI CEO Joseph Fritz, the error was discovered just after it occurred on Monday afternoon and DNI personnel immediately began calling each of the 200 people who received the list and advised them the information was mistakenly sent to them, it was not intended for them and asked them to delete the email from their computers. As of Tuesday afternoon (May 14), all of the 200 individuals who received the e-mail, have been contacted.

The list contained the following information:

Name
Address
Active/Former Patient
Last Appointment
Scheduling Code
Primary Physician
Referring Physician
E-mail address

“We are very sorry this happened and we deeply apologize to all of our patients, referring physicians and WNY healthcare partners,” Fritz said. “Patient confidentiality is extremely important in our field and we take it very seriously and we will review how this accident happened so we can take steps to minimize the possibilities it could ever happen again. This is an inexcusable event.”

Fritz said the list was mistakenly attached to a routine e-mail that was being sent to patients by a clerk in the DNI administrative office.  “This was a case of human error and the person involved is a dedicated, long-term employee and there was absolutely no malice involved, but that doesn’t excuse it,” he said.

Fritz said DNI has self-reported the event to the New York State Department of Health and take whatever steps the state requires. In addition, DNI will send a letter of apology and explanation to all 10,000 patients and their referring physicians, whose names were on the list.

Patients who have questions are asked to call the Dent Neurologic Institute at 716-250-2000.

There are those who will likely think, “This could have been worse” in terms of the types of information exposed. But given the specialty nature of the facility as a neurological institute, just being identified as having been or being a patient there might be cause for concern for some patients who do not want others know that they have been seen for a possible neurological problem. Would a political candidate want it known? Would someone fear their employer might start asking questions? Was a patient keeping a secret from their family and friends?

Most breaches have  the potential to harm patients, even those that do not include diagnostic codes, treatment codes, or Social Security numbers.  This one strikes me as no different.

Category: Health Data

Post navigation

← CERT probing security breach at IT firms
Unions eye medical privacy violation →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.