University Medical Center Physicians suffers HIPAA email breach

Featured image

Share this article

hipaa email breach, hipaa email data breach, paubox hipaa breach report

On August 16, 2018, University Medical Center Physicians submitted a HIPAA Email Breach to the U.S. Department of Health and Human Services (HHS).

Based in Lubbock, Texas, the University Medical Center Physicians email breach affected 18,500 individuals’ protected health information.

University Medical Center Physicians, or UMC Physicians, is classified as a Healthcare Provider.

According to a statement from UMC Physicians:



On May 18, the UMCP IT team discovered that an employee’s email account was hacked on
March 15, potentially compromising the personal health information of more than 18,000
patients.
UMCP immediately started an investigation to determine the source and impact of the hack and
notified the appropriate law enforcement agency. The UMC and UMCP IT teams also
immediately took action to strengthen security efforts to decrease chances of another incident
happening in the future.UMCP has no evidence of actual or attempted misuse of personal information at this time.

Patients’ personal information that could be affected includes: names, addresses, phone numbers,
medical record numbers, diagnoses, social security numbers, date of birth, dates of service and
health insurance information.

UMC and UMCP understand this incidence may create worry and inconvenience for patients,
and the health system sincerely apologizes and regrets that this incidence has occurred.


Observations

UMC Physicians uses Microsoft 365 as their email platform.

As the data has clearly shown in 2018, the email security provided by Microsoft 365 alone is not sufficient to stop HIPAA email breaches.

HHS Wall of Shame

The HHS Wall of Shame is a website under the jurisdiction of HHS that lists all HIPAA breaches reported within the last 24 months. The Wall of Shame displays breaches that are currently under investigation by the Office for Civil Rights.

As part of section 13402(e)(4) of the HITECH Act, the HHS Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals.

HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals as reported in the HHS Wall of Shame.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Hoala Greevy

Founder of Paubox. Kayak fishing when I can. Native Hawaiian CEO.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022