DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Cook County Health & Hospitals System notifies hundreds of patients that email with PHI was sent without encryption

Posted on September 22, 2014 by Dissent

On September 17, Cook County Health & Hospitals System posted a breach notification on their site:

As part of a collaborative public health project, an individual working on behalf of CCHHS sent an e-mail to an authorized individual at a non-Cook County healthcare organization in July 2014.

The transmitted information contained protected health information that was not encrypted. Encryption is a process that converts the information into a format that cannot be easily understood by unauthorized people. This was identified immediately after the e-mail was sent. The receiving organization deleted the e-mail without reviewing the contents. There has been no indication of unauthorized use of the information and CCHHS officials have notified affected individuals.

The information contained patient names, date of birth, race, ethnicity, gender, zip code, medical record number, date of service, place of service, type of lab test performed and lab test results. The information DID NOT contain patient addresses or social security numbers.

CCHHS provides ongoing training to its workforce on issues surrounding patient privacy. In response to this incident, CCHHS initiated corrective actions to make every effort to ensure this does not happen again and has followed its policies and procedures with regard to violations of patient privacy.

Patients who have questions or would like additional information should call toll-free 1-877-476-1873 (8 a.m. to 5 p.m. Monday through Friday), e-mail the Cook County Health & Hospitals System Compliance Program at [email protected] <mailto:[email protected]> or send a letter to Cathy Bodnar, Chief Compliance and Privacy Officer, Cook County Health & Hospitals System, 1900 West Polk, Suite 123, Chicago, IL 60612.

This incident was reported to HHS as affecting 767 patients. Significantly, perhaps, considering that lab tests and results were included in the email, CCHHS listed South Suburban HIV/AIDS Regional Clinics as the business associate involved. SSHARC did not respond to an email inquiry sent earlier today via their website for a statement.

No related posts.

Category: Uncategorized

Post navigation

← Kansas State U. discloses possible leak of student personal information
CFPB Must Improve Financial Data Security: GAO →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.