Philadelphia hepatitis data exposure posed ‘no risk to confidentiality’ because of Inquirer notification, city says

Nathaniel Lash reports:

The medical records of thousands of Philadelphians were not compromised, the city said, after The Inquirer notified the city’s Health Department of a data breach that attached positive hepatitis test results with intimate personal details.

This finding comes after an investigation by the city’s Public Health Department and a team with the Centers for Disease Control and Prevention concluded that an Inquirer reporter was the only person to see the records before notifying the department of the breach.


The city said the records were not protected under the Health Insurance Portability and Accountability Act, a federal law that imposes strict data privacy standards on health-care providers and insurance agencies. The health department said the data was not used by a so-called “covered unit” subject to HIPAA.

Read more on The Philadelphia Inquirer.

About the author: Dissent

Comments are closed.