Diagnostic Radiology & Imaging suffers HIPAA email breach

Featured image

Share this article

hipaa email breach, hipaa email data breach, paubox hipaa breach report

On April 5, 2018, Diagnostic Radiology & Imaging submitted a HIPAA Email Breach to the U.S. Department of Health and Human Services (HHS).

Located in Greensboro, NC, Diagnostic Radiology & Imaging’s email breach affected 800 individuals’ protected health information.

Diagnostic Radiology & Imaging is classified as a Healthcare Provider.

According to Diagnostic Radiology & Imaging’s press release:

On January 31, 2018, DRI became aware of an impermissible disclosure of limited health information about approximately 800 patients. An investigation revealed that on November 11, 2017, an employee of DRI became the victim of a phishing attack. “Phishing” is a type of cybercrime in which individuals are targeted and tricked into revealing sensitive or confidential information. In this case, an attacker emailed DRI employees using an email address that appeared to be legitimate, and one DRI employee revealed information to the attacker that allowed the attacker to access the DRI employee’s work-related email account. Within that DRI employee’s email account, we found a limited amount of information about patients, including names, a general description of imaging services received (including date, type, and location of imaging service), medical record numbers, and in some cases, email addresses and phone numbers. In just a few cases, the patient’s date of birth was also included. As a result, the attacker gained access to that information.

Please note that the attacker did not have access to any of our patients’ Social Security Numbers or other financial information, and for that reason, we do not believe there is any risk of financial harm to our affected patients as a result of this phishing attack.

In accordance with DRI policy, and as required by federal law, DRI is notifying affected patients via first-class mail.

We take the confidentiality and secure handling of patients’ information seriously. Our investigation involved external forensic investigators as well as attorneys with experience in handling these types of incidents. We have policies and procedures in place regarding the confidentiality and security of patient information, and we train our employees on these policies and procedures on a regular basis. In response to this cybercrime, we have retrained our employees and contractors on our policies and procedures relating to privacy and security. We have also implemented more specific training on phishing and other types of cybercrimes to better educate our employees and contractors.

We are very sorry that this happened, and we are taking steps to try to prevent situations like this in the future. 

HHS Wall of Shame

The HHS Wall of Shame is a website under the jurisdiction of HHS that lists all HIPAA breaches reported within the last 24 months. The Wall of Shame displays breaches that are currently under investigation by the Office for Civil Rights.

As part of section 13402(e)(4) of the HITECH Act, the HHS Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals.

HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals as reported in the HHS Wall of Shame.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Arianna Etemadieh

Arianna is an Inbound Marketing Specialist at Paubox. In her free time, she enjoys cooking, traveling, and volunteering at the animal shelter.

Read more by Arianna Etemadieh

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022