Hospice of Chesapeake notifies patients after employee emailed work home and someone may have gained access

Sara Blumberg reports:

In the days after learning the Hospice of the Chesapeake patients’ personal information might have been compromised, President Michael McHale said the nonprofit shifted to emergency mode.

“We shut down our system right away,” he said.

Officials from the Pasadena-based hospice feared an outside party had infiltrated its computer network.

Instead, a two-month internal investigation found one of its own employees emailed spreadsheets containing patient information to a personal account on Aug. 8 to complete work from home — and someone possibly gained access.

More than 500 patients’ names, ages, dates of service, diagnoses and medical record numbers were at risk.

Hospice announced the security breach Oct. 9, two months after discovering it.

Read more on Maryland Gazette.  There is no notice on the hospice’s web site as of the time of this posting.

About the author: Dissent