13 Jul University of Iowa Health Care Patients of Data Breach
Earlier last month, the University of Iowa Health Care (UIHC) warned 5,300 patients that their personal data had been left accessible online for 2 years. The hospital noted that it was a “limited set of data” that came with their health records.
Upon learning their mistake, UIHC immediately sent letters on June 22 to all affected patients. The hospital also clarified that the exposed patient information did not include social security numbers, credit card numbers, and clinical information like diagnoses.
The leaked data was accidentally saved in encrypted files that was posted using a file-sharing site. According to UIHC, web developers still use the file-sharing site, but the information is always coded to ensure privacy.
The exposure may have been limited, but UIHC realized the gravity of the situation and conducted a full investigation. They also promised to improve training to ensure employees always secure patient records.
Source: The Gazette