St. Francis Hospital inadvertently releases email addresses of 1,175 patients
|By Tony Adams, Columbus Ledger-Enquirer|
|McClatchy-Tribune Information Services|
"St. Francis understands the importance of safeguarding our patients' personal information and takes that responsibility very seriously,"
This apparently is the first such email incident, the hospital said. In this case, it said, the email was recalled "immediately," while those patients who were on the email string were notified of the "potential breach."
St. Francis said the 1,175 people whose emails were "exposed" are one-half percent of its total patient base.
"Because the email address is the only identifier on the email, St. Francis believes that the email poses very little risk of any potential financial or reputational harm to a patient," the hospital said in a media release.
St. Francis did not say how the email was sent with individuals' names on it or what information was on the message to them. But it said it was taking steps to make sure it doesn't happen again.
The hospital confirmed it is preparing an official notification concerning the incident to the
A "breach notification rule" mandates that health-care and medical entities let the HHS know when a breach of "unsecured protected health information" occurs, according to the agency's website.
"If the breach affects more than 500 individuals in a state or jurisdiction, the covered entity is required to provide notification to HHS (
Once such notification is made, the agency will open an investigation and post the incident publicly to a list of breaches on its website, she said.
Those St. Francis patients who have questions about the incident are asked to call the hospital at 1-800-723-4998.
(c)2014 the Columbus Ledger-Enquirer (Columbus, Ga.)
Visit the Columbus Ledger-Enquirer (Columbus, Ga.) at www.ledger-enquirer.com
Distributed by MCT Information Services