Unencrypted E-Mail Leads to Breach

Geisinger Physician Sent Information to Home Computer
Unencrypted E-Mail Leads to Breach
Geisinger Health System has notified about 3,000 patients about a breach incident in which a physician inappropriately e-mailed unencrypted health information from his work computer to his home computer.

Last month, a gastroenterologist who formerly worked at Geisinger Wyoming Valley Medical Center in Wilkes-Barre, Pa., e-mailed to his home computer patient names, medical record numbers, procedure indications and brief impressions regarding the care provided. The information did not include Social Security numbers or other personal information, such as address and phone number, Geisinger reported.

"Immediately upon speaking with the physician, he contacted and authorized his home e-mail provider to delete the protected health information from its network and servers," said John Gildersleeve, Geisinger's privacy officer. "He also deleted this information from his home computer.

Patients were notified of the breach in compliance with the HITECH Act's breach notification rule. "We have reviewed our internal practices and taken appropriate action to avoid reoccurence," Gildersleeve said. "We believe there is little risk that the protected health information was seen by anyone other than the physician himself."


About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.