Your email can cause a data breach: Why?

Using a personal unsecured email or USB for health information can cause a data breach.

Penn State Hershey hospital found this out the hard way.

Hershey hospital is notifying roughly 1,801 patients of a HIPAA breach after an employee accessed and transmitted patients’ protected health data outside of the hospital’s secure information network.  Names, medical records numbers, medical lab tests and results and visits dates could have been accessed by an unauthorized person or entity due to the employee’s mistake.  Article.

Although the individual was authorized to work with protected health information, the individual accessed patient data via an unsecure USB device through his home network rather than the hospital network.  Moreover, he also transmitted patient data via his personal email to two Penn State physicians. Hershey Hospital was very proactive and transparent regarding this potential breach.

Hershey’s public notice states:

“Penn State Hershey considers patient privacy and confidentiality to be of the utmost importance and chose to notify patients of this incident out of an abundance of caution.” “To decrease the likelihood of similar circumstances occurring in the future, Penn State Hershey is increasing education efforts with employees, focusing on the essential responsibility of all staff to safeguard patient health information at all times and follow proper practices for doing so.”

We cannot stress the education factor enough:

  1. Be proactive;
  2. Allow employees to learn prior to an incident, rather than after a breach, and
  3. Provide a regular forum for Staff employees to ask questions.

Despite medical practices and hospitals best efforts, data breaches are still a reality.  Take action!

Tell us how your organization protects its information and educates its staff?

Share your ideas with us by clicking on the comment button below.  We’d love to hear from you. Get “News You Can Use” delivered directly to your e-mail inbox. Click here to Subscribe.

Related Posts


Recent Posts

Do I Need an Emergency List?
March 23, 2023
Breaking: New Self-Disclosure Policy
March 21, 2023
What is a Power of Attorney?
March 16, 2023
Can Your EHR Template Land You in Prison?
March 14, 2023
What Happens When You Don’t Fund Your Trust?
March 9, 2023


Enter your email to subscribe now and receive your FREE HIPAA Risk Assessment book!

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment.


Get it now for FREE (an $8.99 value!)

One more step! Please check your email to confirm your subscription and receive your FREE book!