Notice of breach of unsecured health information
This is a notice for patients whose information is accessible through New England Healthcare Exchange Network (NEHEN). On July 13, 2016, Codman Square Health Center was notified that a health information exchange was accessed without authorization and against Codman’s policies. The individual accessed information of many individuals that are not patients at Codman. The information available through the NEHEN network contained names, addresses, dates of birth, gender, medical services payer information, and medical insurance coverage information. For some, but not all individuals, Social Security numbers may have been accessible, although there is no indication that the information was misused. All patients of Codman Square Health Center who are affected will be notified by mail. Those Codman patients who do not receive a letter have not been affected. For affected individuals who are not Codman patients, those directly affected will be notified by mail if contact information is provided. The health center has suspended or terminated all employees involved in the incident. Codman Square has also retrained all employees. If you have a question about this incident, please call 1-844-749-5107.
According to Codman’s submission to HHS, they are notifying 3,840 members.
DataBreaches.net has sent an inquiry NEHEN to ask how many people, total, were affected by insider wrongdoing, what the motivation of the employees was, and whether the police have been contacted for criminal prosecution of employees, but received no reply by the time of this publication. This post will be updated if more information becomes available.