HONOLULU–The Queen’s Health System is notifying approximately 2,900 patients from The Queen’s Medical Center and Queen’s North Hawaii Community Hospital that some of their personal health information may have been inadvertently exposed when an email containing the information was sent to the wrong address. Letters to the affected patients were mailed on February 20.
Importantly, Social Security numbers and financial account information were not included in the email and patients should be assured that their financial security is not at risk.
“We take the privacy and confidentiality of our patients’ information very seriously and deeply regret the concern and inconvenience this situation may cause,” said Harold Moscho, Vice President of Information Technology and Chief Information Officer. “There is no indication that the information has been or will be misused. Maintaining our patients’ trust is our utmost priority and thus, we believe proactively making them aware of this situation is essential. Upon learning of the incident, we moved as quickly as possible to confirm the facts and then to set up the call center and distribute the letters to the affected individuals.”
The incident occurred February 3 when an employee inadvertently sent an email to the wrong address. The email included an attachment that contained information on 2,852 patients who had been seen since June 1, 2019. The information involved includes patient name, patient account number, health plan ID, admission date, discharge date and other limited information related to the patients’ care. In approximately 300 cases, the information also included patient diagnoses. The error was discovered the next day and steps were immediately taken to contact the recipient and recall the message. To date, our efforts to contact the individual or recall the email have been unsuccessful.
The Queen’s Health System recommends that affected patients carefully review the statements they receive from their insurers and health care providers. If any services that were not provided to them are listed, they should contact the insurer or provider immediately.
A hotline has been established for affected patients who have questions. Patients can call 1-844- 904- 0956, Monday through Friday between 8:00 am and 5:30 pm, HST.
“While Queen’s has long had safeguards in place to protect patient information, we have taken additional steps to prevent this from occurring in the future. Queen’s is committed to being best- in- class when it comes to information security and our commitment to providing superior healthcare includes ensuring the security and confidentiality of our patients’ information,” Moscho said.
Editor’s Note: Data published by Modern HealthCare provide perspective on the scale and scope of information breaches in the healthcare industry. 300,000 people were affected in December 2019, alone. The top 20 incidents in 2019 ranged from 11 million to 277,000 individuals affected (chart in Feb. 10 print edition).