CORRECTION AND UPDATE: DataBreaches has been contacted by a spokesperson for Delaware Health Information Network who says that they were not the party responsible for this breach and this site should not have linked to them and should have linked to Delaware Health Net if they were the responsible party. DataBreaches checked the medical center’s notice and they did name “Delaware Health Network.” In light of Delaware Health Information Network’s comment to this site, DataBreaches has removed the link to them and edited the headline with apologies for the error. We also note that the Henrietta Johnson Medical Center may wish to clarify their notice or link to the responsible party to prevent others from being confused, too.
The Henrietta Johnson Medical Center in Delaware has posted notice that some patient data was involved in a breach at Delaware Health Network (“DHN”) [see correction above]. DHN is a healthcare-controlled network provider and electronic health records management provider that provides services to Henrietta Johnson Medical Center (“HJMC”) and other entities.
According to HJMC’s notice, DHN experienced a “cyber event” that began on April 5. That incident involved unauthorized access to systems and the copying of certain files. And also according to their notice, to date, DHN has not identified the precise patient data that may have been impacted. Unsurprisingly, then, HJMC submitted a report to HHS on June 27 that indicated 500 patients were affected, which DataBreaches interprets as a marker for “Hey, we know we have more than 500 patients affected and we have to report within 60 days, so we’re letting you know we had a breach.”
Based on the information DHN provided to HJMC so far, the medical center says that it is possible the patient data involved full name, date of birth, ethnicity, medical record number, diagnosis code, lab information, and health insurance information.
DataBreaches has not seen any other DHN clients reporting a breach (yet), but wonders how many of them do not know how many patients were affected, and why DHN can’t tell them that.
You’ve named and linked to the wrong party – please correct to Delaware Health Net, if that is indeed the party who sustained the data breach. Delaware Health Information Network is not correct, and we ask that this be remedied immediately.
Hi Stacey. I accurately reported what Henrietta Johnson Medical Center is claiming. See their notice at https://www.hjmc.org/notice-of-data-event.html where they repeatedly name Delaware Health Network. I suggest you get in touch with them to have them correct their notice if their notice is incorrect. I’ve issued a correction at the top of the article here and will contact them about their error, too.
Apologies for not being more clear: Your site incorrectly linked to Delaware Health Information Network’s website, but you’ve since corrected. Thank you. Delaware Health Information Network and Delaware Health Network are two unrelated entities with their own websites.
I think I’ve re-edited it now to make things clearer. Sorry about it all and glad it’s sorted out now.