Tuesday, July 28, 2015
Nashville Patients Had Records Exposed
By Walter F. Roche Jr.
Two unnamed dental patients from the Nashville area inadvertently had personal health information posted on the web site of a Minnesota testing company for some 18 months.
In a legal notice published last week in a Nashville based newspaper, OralDNA Labs/Access Genetics disclosed that the names of the two patients, the names of their dentists and the tests performed were posted on the internet.
Curt Tokach, chief financial officer for the company, said that the patient data was posted inadvertently in a screen shot on a Frequently Asked Questions page on the company web site.
He said the legal notice was published because the company no longer had current contact information for the two patients.
He stressed that no test results or other personal data, such as social security numbers, were disclosed.
"Upon discovery of the breach," the legal notice states, "we immediately removed the PHI (protected health information) to protect the patients from any further unauthorized access."
According to the notice the two patients underwent periodontal testing between Jan. 1, 2013 and Jan. 15, 2013.
The data was "available for viewing" on the company website from Nov. 15, 2013 to May 26, 2015 when it was discovered.
Calling the incident unfortunate, Tokach stressed that only the two patients' data was disclosed.