Administrators at Rady Children’s Hospital took steps to prevent another patient data breach, the acting president of the hospital told a City Council committee Wednesday.
Dr. Donald Kearns told members of the Public Safety and Livable Neighborhoods Committee that staffers had been given more training about safeguarding patient information.
The hospital also started using a program that scans emails for private data and blocks those emails from leaving hospital computers, Kearns said.
In June, an unidentified hospital employee mistakenly attached a document containing information on thousands of patients to an email sent to four job applicants, he said.
“The data consisted of names and diagnoses but did not have any addresses or Social Security numbers and did not have any more specific information,” Kearns said.
One of the email recipients notified the hospital of the mistake.
Kearns, recently responding a question about what he was most proud of over the past year, said that it was the hospital staff’s response to the data breach.
“We put together a team of volunteers, including physicians, managers and staff and, over a three-day period of time, we called 14,121 families,” Kearns said. “We did not outsource this. We did it ourselves.”
Hospital staffers notified people whose names and diagnoses were attached to the emails and made sure the data was removed from the recipients’ computers.
“Breaches of private information are a serious concern,” said Marti Emerald, chair of the committee. “We’ve seen over the years breaches by government entities as large as (Veterans Affairs) and private businesses, credit card companies, banks, losing track of hundreds of thousands of records on customers and members.”
Kearns’ report was informational only. No official action was taken regarding it.
— City News Service