More than 63,000 patients had their personal health information (PHI) exposed due to a “misconfigured security setting” on a radiology interface at Middletown Medical in Middletown, New York. The incident took place on Jan. 29.
The patients’ financial data and Social security numbers were not exposed, according to a report from HIPAA Journal. Names, patient ID numbers, birth dates and information about radiology services were what was exposed.
Middletown Medical reviewed its policies, implemented new safeguards and held additional training for employees after the incident. To date, there are no signs that the exposed PHI was used in any capacity.
Click below to read the full story.