DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

TX: Denton County Health Department Alerts TB Clinic Patients to Breach

Posted on April 10, 2015 by Dissent

From the Denton County Health Department:

HIPAA Security Breach Notification

April 10, 2015

On February 13, 2015, a Denton County Health Department employee temporarily left a USB drive at a local printing store in order to print a personal document from the device. Unfortunately, that USB drive included 874 unsecured data files of tuberculosis (TB) clinic patients belonging to the Denton County Health Department, including patient names, dates of birth, addresses, TB test results and other protected health information as defined by the Health Insurance Portability and Accountability Act (HIPAA). The data files did not include any financial information or any social security numbers.

“We take patient confidentiality very seriously, and we deeply regret this breach of security and the inconvenience for patients. We have spent the past few weeks conducting a thorough investigation to determine the facts and are encouraged there is no evidence that any confidential information was accessed,” said Dr. Matt Richardson, Director of Public Health for Denton County. “Nevertheless, in light of this event, we have reviewed and updated our internal policies and procedures, performed additional, mandatory training for all employees and have changed the way electronic files are stored.”

The health department found no reason to believe that any patient’s information was accessed by the document printing company or anyone outside of the Denton County Health Department. The department employee left the USB drive unattended for approximately one hour, and upon realization that there were patient records involved, voluntarily reported the potential breach. The health department immediately began an internal investigation.

In compliance with Texas and federal law, affected patients are being notified by mail. Letters to patients potentially affected should be received by early next week, and although the Denton County Health Department is not aware of any access or misuse of the information, these patients are encouraged to take steps to eliminate or minimize any potential harm that could result from this incident. Because some personal information was included in this breach, officials are recommending that patients affected consider obtaining credit reports from one or more of the major credit reporting agencies and monitor financial and bank accounts for unauthorized activity.

As a reminder, under federal law, consumers are entitled to a free copy of their credit report, at their request, from each of the major nationwide credit reporting companies once every 12 months. To order a free annual credit report, visit www.annualcreditreport.com, call toll-free 877-322-8228, or complete the Annual Credit Report Request Form (www.consumer.ftc.gov) and mail to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.

“Maintaining trust and confidence in the health department is our goal, and this notification is an important step in rebuilding that trust. We’ve been working hard to address gaps in the way we protect data and we promise to continue that work to prevent further mistakes,” said Dr. Richardson.

Those patients receiving letters can call Denton County Health Department at (940) 349-2900 with any questions or concerns.

Category: ExposureGovernment SectorHealth DataU.S.

Post navigation

← TN: Former Le Bonheur Children’s Hospital employee indicted for identity theft and fraud
Education Sector Struggles With Botnets: BitSight →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)
  • Private Industry Notification: Silent Ransom Group Targeting Law Firms
  • Data Breach Lawsuits Against Chord Specialty Dental Partners Consolidated
  • PA: York County alerts residents of potential data breach
  • FTC Finalizes Order with GoDaddy over Data Security Failures
  • Hacker steals $223 million in Cetus Protocol cryptocurrency heist
  • Operation ENDGAME strikes again: the ransomware kill chain broken at its source
  • Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
  • Mysterious hacking group Careto was run by the Spanish government, sources say

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm
  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • GDPR is cracking: Brussels rewrites its prized privacy law

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.