DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Holy Cross Hospital Notifies Emergency Room Patients of Possible Data Breach

Posted on November 11, 2010 by Dissent

FT. LAUDERDALE (November 10, 2010) – Holy Cross Hospital announced today that it has begun sending letters to notify some of its hospital Emergency Room patients of a possible compromise of personal data from patient data sheets and to offer free credit monitoring services.

Holy Cross Hospital was informed by federal authorities that personal data from 38 Holy Cross Hospital patient data sheets had been recovered in a criminal investigation.  Working in cooperation with the U.S. Attorneys Office and U.S. Postal Inspection Service since June, Holy Cross conducted a thorough internal investigation and eventually identified an employee as the source of the data theft. The individual’s employment at the Hospital was immediately terminated.

The investigation determined that this was not a compromise of the hospital’s computer systems or network security, but involved paper copies of patient data sheets. These sheets contained basic identifying information including names, addresses, dates of birth, Social Security numbers, and brief descriptions of initial diagnosis from the Emergency Room visits.

“We place the highest priority on protecting the privacy and security of our patients’ confidential personal information,” said Dr. Patrick Taylor, President and CEO of Holy Cross Hospital.  “We expect all Holy Cross employees to reflect this institution’s strong values of caring and dedication to the welfare of our patients.  For that reason we are outraged and saddened by this former employee’s violation of that trust placed in us by our patients. We pledge to continue our full cooperation with law enforcement officials and prosecutors to ensure the administration of just punishment to all of those connected with this reprehensible act.”

At this time the hospital believes as many as 1,500 patient data sheets of Emergency Room patients may have been compromised by this employee during the period of April 2009 to September 2010.  Since it is impossible to determine the identities of all those possibly affected, the hospital is taking the extra precaution of notifying each patient that came through the Emergency Room during the period of time that the employee worked in the Emergency Room. Patients who received treatment in other hospital departments are not part of this notification and are not affected by this incident.  The process of sending out the notification letters began this morning.

“While it may be impossible to absolutely prevent an employee from violating our values and policies for personal gain, we are determined to take all necessary steps to review and strengthen our administrative procedures to ensure that we are providing the highest level of data security possible,” said Dr. Taylor.

According to Dr. Taylor, the hospital has already made a procedural change that limits the amount of key personal data included in the type of documents involved in this incident.  The hospital is also conducting a comprehensive review of its systems, policies and procedures to identify any other possible improvements.

In the letter that the affected patients will receive, Holy Cross Hospital is offering one year of free credit monitoring services from Experian to help them monitor against the possibility of identity theft and providing an information line to field patient inquiries (1-800-388-4301).

Additional information is available at www.holycrossIDprotect.com.

Source:  Holy Cross Hospital

No related posts.

Category: Health Data

Post navigation

← UK: Security alert over NHS data breach
NY: Town officials investigate security breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group
  • Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
  • HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
  • HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
  • Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.