Is Your Email a Risk to Patients’ PHI?

Yes, email can be an easy target for hackers to gain access to your patient’s protected health information (PHI).

We can help your practice get up to date and prepared to minimize breach risks from third-party vendors. Subscribe to stay current and up to date on important matters that will impact your practice.  (To subscribe to our blog ).

Recently, a compromised employee email account led Michigan Medicine to notify almost 3,000 patients that their information may have been compromised.

In the Michigan Medicine incident, a cyberattacker gained access to the employee’s email and sent phishing emails from the account.

The employee realized the account was compromised 14 days after initial access was gained by the cyberattacker and the employee reported the situation to the IT department. The employee’s account was disabled and password changed.

Some emails contained PHI, including names, medical record numbers, addresses, dates of birth, diagnostic and treatment information, and health insurance information.

While it is unknown whether the hacker was interested in PHI or not, Michigan Medicine still had to notify all patients that were potentially impacted.

It’s essential to protect your practice, so that you can avoid potential cyberattacks.

How can you protect your patients’ PHI from email cyberattacks?

Make sure your security protections are up to date.

Train your employees to look out for potential red flags or suspicious activities and make sure they know who to report suspicious activity to and when to report.

Make sure your employees only access email through secure devices and locations.

And finally, make sure your employees are frequently changing their passwords for all accounts.

We know you’re busy. Subscribe to our blog to get updates and news sent directly to your inbox!

We publish vital information on health law topics and news every Wednesday and Friday. To get this important information delivered directly to your mail box, subscribe today!

Do you need help with updating your Business Associate Agreement or negotiating contracts with third-party vendors?  We can help. To contact us about your Business Associate Agreement, your vendor contracts or your other legal needs, call us today.

Related Posts


Recent Posts

Getting Remarried? Here’s What You Need to Know
March 21, 2024
What is the Biggest Threat to Healthcare?
January 30, 2024
How Can I Simplify Estate Planning?
January 11, 2024
I Have a Trust. Now What?
December 7, 2023
Breaking: Corewell Health Breach
December 5, 2023


Subscribe to Our Newsletter

Subscribe and get your FREE copy of Easy Guide to HIPAA Risk Assessments

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment. (an $8.99 value)

Thank you for subscribing to the Rickard & Associates healthcare blog. You'll receive a confirmation email shortly. After verifying your subscription request, you'll be sent to the "Easy Guide to HIPAA Risk Assessments" download page.