1 min read

University Medical Center Physicians suffers HIPAA email breach

Picture of Hoala Greevy Hoala Greevy August 30, 2018

Healthcare cybersecurity news
Paubox HIPAA Email Breach graphic

On August 16, 2018, University Medical Center Physicians submitted a  HIPAA Email Breach to the  U.S. Department of Health and Human Services (HHS).

Based in Lubbock, Texas, the University Medical Center Physicians email breach affected  18,500 individuals’  protected health information.

University Medical Center Physicians, or UMC Physicians, is classified as a Healthcare Provider. According to a statement from UMC Physicians:

On May 18, the UMCP IT team discovered that an employee’s email account was hacked on March 15, potentially compromising the personal health information of more than 18,000 patients.
UMCP immediately started an investigation to determine the source and impact of the hack and notified the appropriate law enforcement agency.
The UMC and UMCP IT teams also immediately took action to strengthen security efforts to decrease chances of another incident happening in the future.
UMCP has no evidence of actual or attempted misuse of personal information at this time. Patients’ personal information that could be affected includes: names, addresses, phone numbers, medical record numbers, diagnoses, social security numbers, date of birth, dates of service and health insurance information.
UMC and UMCP understand this incident may create worry and inconvenience for patients, and the health system sincerely apologizes and regrets that this incident has occurred.

 

Observations

UMC Physicians uses Microsoft 365 as their email platform. As the data clearly showed in 2018, the email security provided by Microsoft 365 alone is insufficient to stop HIPAA email breaches.

 

HHS Wall of Shame

 

The  HHS Wall of Shame is a website under the jurisdiction of HHS that lists all HIPAA breaches reported within the last 24 months. The Wall of Shame displays breaches that are currently under investigation by the Office for Civil Rights. As part of section 13402(e)(4) of the HITECH Act, the HHS Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals.

 

HIPAA Breach Report

 

The  Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals as reported in the HHS Wall of Shame.

 

Try Paubox Email Suite for FREE today.
Start for free
 
Secure every email you send and receive HIPAA compliant. Threat-proof. Hassle-free.
Paubox HIPAA Email Breach graphic

Iowa Health System d/b/a UnityPoint Health suffers HIPAA email breach - again!

Seiji Iwasaki : August 20, 2018

On July 30, 2018, UnityPoint Health submitted a HIPAA Email Breach to the U.S. Department of Health and Human Services (HHS). Based in West Des...

Healthcare cybersecurity news
Read More
Paubox HIPAA Email Breach program logo

United Methodist Homes suffers HIPAA email breach

Seiji Iwasaki : September 28, 2018

On August 31, 2018, United Methodist Homes submitted a HIPAA Email Breach to the U.S. Department of Health and Human Services (HHS). Based in ...

Healthcare cybersecurity news
Read More
Paubox HIPAA Email Breach logo

UConn Health suffers email HIPAA breach

Rick Kuwahara : March 6, 2019

On February 21, 2019, UConn Health submitted a HIPAA Email Breach to the U.S. Department of Health and Human Services (HHS). Located in Farmington, CT

Healthcare cybersecurity news
Read More

Subscribe to Paubox Weekly

Every Friday we bring you the most important news from Paubox. Our aim is to make you smarter, faster.