Yale New Haven Health in Connecticut has issued a statement concerning an error that exposed some patients’ files to the public between December 16, 2021 and April 18, 2022:
New Haven, CT (June 17, 2022) –Yale New Haven Hospital (YNHH) today announced that a file created for research was unintentionally posted on a public facing website and may have been accessed by a small number of people.
On April 18, 2022, YNHH learned that a web file containing patient information was inadvertently made accessible via our website. YNHH immediately took steps to ensure the website and content were no longer accessible or searchable via the internet. We also engaged a third-party forensic firm to assist us in our investigation.
Our investigation determined the web file was accessible between December 16, 2021 and April 18, 2022. The file was made accessible through human error, was inadvertent in nature and was not due to intentional or malicious actions. A review of the file determined it included name, telephone number, email address, age range, preferred language, medical record number, procedure type, and date and location of service. No Social Security number nor financial information were included in this file.
We deeply regret any inconvenience and concern this incident may cause you. Yale New Haven Hospital understands the importance of maintaining your protected health information, and we take seriously the security of this information. As a result of this incident, we have reviewed the security permissions across our internet facing systems and will provide training and guidance to remind employees of their continued need to safeguard patient health information. Additionally, we are continuing to enhance our existing technical safeguards to further protect our systems and the information we maintain.
Yale New Haven Hospital truly regrets any inconvenience or concern this has caused. As a premier healthcare provider, we strive to demonstrate respect for patients and our community and to always safeguard that information. Letters have been mailed to all those whose information was involved in this incident and if anyone has any concern, they can call 855-503-1965.