CA: St. Joseph Health notifies almost 32,000 patients that records were exposed in search engines for one year (updated)

Dan Verel reports:

St. Joseph Health System has alerted more than 10,000 patients in Santa Rosa, Petaluma and Napa that their personal health information records may have been searchable on the Internet.

Notices of the possible security breach were sent on Monday to 6,235 patients from Santa Rosa Memorial Hospital, two from Petaluma Valley Hospital and 4,263 patients from Queen of the Valley in Napa, the health system said. Notices were also sent to facilities in Fullerton and Mission Viejo, bringing the total number of patients affected statewide to 31,800.

Read more on North Bay Business Journal.

Update: The Napa Valley Register has more on the breach.

Update 2:  Another news story suggests that the total affected may be even higher. The Daily Titan reports:

The confidential health records of approximately 20,000 patients treated at two Orange County hospitals were potentially available to find through online search engines, a St. Joseph Health System official said Wednesday.

The information belonged to patients of St. Jude Medical Center in Fullerton and Mission Hospital locations in the cities of Laguna Beach and Mission Viejo. The medical information of 31,800 patients across six separate hospitals in California was was also available online.

“We regret the situation, and we want to express our apologies that this did happen, and we are working very hard to make sure that this does not happen again,” said Susan Solomon, vice president of marketing and communications at the hospital. “We know the data is secure at this point.”

St. Jude became aware that the information was leaked when a patient’s attorney contacted officials at the hospital.



About the author: Dissent