WTOC reports that St. Francis Hospital sent out the following news release on Monday, June 9:
Protecting the personal information of our patients is one of our most important responsibilities. Regrettably, this notice is regarding an unintentional incident involving a limited number of patient email addresses.
On Friday, May 30, 2014, St. Francis became aware that an email was sent to approximately 1,175 patients, representing less than one half of a percent of our patients. The only identifiable information contained in the email was the patients’ email address. The email recipients were not blind copied, thus exposing individual email addresses to other patients. St. Francis acted immediately to initiate a recall of the email and has notified those involved of the potential breach.
Because the email address is the only identifier on the email, St. Francis believes that the email poses very little risk of any potential financial or reputational harm to a patient. As a precaution, we are sharing this information to be transparent and ensure our patients and their families that St. Francis has extensive safeguards in place to protect the privacy and security of protected health information. St. Francis continually reviews and updates its security safeguards and is implementing additional steps to secure any further emails that are sent to multiple recipients.
“St. Francis understands the importance of safeguarding our patients’ personal information and takes that responsibility very seriously,” says Pam Burns, St. Francis Privacy Officer. “We will continue to do all that we can to work with our patients to help minimize any potential impact of this situation. We regret that this incident has occurred, and we are committed to preventing such occurrences in the future. We appreciate our patients’ support during this time.”
Patients who have questions concerning this matter should contact 1-800-723-4998.