DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

St. Elizabeth Physicians’ email gaffe exposed patient email addresses

Posted on September 15, 2016 by Dissent

Here’s an incident involving St. Elizabeth Physicians that happened last month but just showed up on HHS’s public breach tool now. From their August 23 notice:

On July 12, 2016 St. Elizabeth Physicians inadvertently released the email addresses of 674 individuals in an email sent by its Weight Management Center inviting the recipients to a vitamin presentation and open forum meeting. The sender inadvertently and mistakenly failed to blind copy the recipients thus allowing all email addresses to be visible by all recipients.  No social security numbers, phone numbers, addresses, or any other personal health or identification information was disclosed. The only information disclosed was email addresses.

Although there is a very low risk to the affected individuals, St. Elizabeth Physicians has offered to provide each individual one year of identity theft monitoring at St. Elizabeth Physicians’ expense and has encouraged the notified individuals to, as always, use caution when receiving any email related to the solicitation of information or for the sale of products and services.

St. Elizabeth Physicians has promptly and thoroughly investigated the matter and has reviewed its procedures. Corrective action has been pursued to avoid this from happening in the future.

St. Elizabeth Physicians takes patient confidentiality very seriously and is committed to maintaining the privacy and security of all patient information. St. Elizabeth Physicians regrets that this incident has occurred and is committed to preventing future occurrences.

Patients may call 1-855-809-9217 from 9:00 a.m. – 5:00 p.m. with any questions or submit inquires electronically here. Trained staff is available to address any questions related to this matter.

Some email addresses may have revealed the patients’ names, but even so, offering identity theft monitoring for exposing email addresses (and maybe names)? Seriously? That’s going a bit far…

Category: ExposureHealth DataU.S.

Post navigation

← Geisinger Health Plan notifies 2800 that processing error exposed their PHI to others
OH: City says it wasn’t hacked by group →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations
  • HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan
  • UK: Two NHS trusts hit by cyberattack that exploited Ivanti flaw
  • Update: ALN Medical Management’s Data Breach Total Soars to More than 1.8 Million Patients Affected
  • Russian-linked hackers target UK Defense Ministry while posing as journalists
  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.