Analecta Cyber Company Blog: Arkansas and Maryland Health Providers Notify Patients of Data Breaches

2015-11-05

Arkansas and Maryland Health Providers Notify Patients of Data Breaches

Another addition has been reported to the growing list of health data breaches. The latest breach happened in Arkansas and Maryland.
Neither breach included billing information or other sensitive data like Social Security numbers, but they both resulted in notification letters going out to patients because of potential privacy violations.


During the start of the 4th quarter of this year, the Baptist Health and Arkansas Health Group notified 6,500 patients that two former employees had downloaded patient information and taken it to their new health care organization, Bray Family Health.

According to the letter, Bray Family Health received numerous calls and letters from people contacted by Bray Family Health even though they never visited or received care from the facility. Investigations found that the two former employees were responsible for acquiring the patients’ information without the facility’s knowledge or consent.

Officials express regret

The information compromised included patient names, addresses, telephone numbers, dates of birth, gender, race, ethnicity, rendering provider, referring provider and the dates the patients were last seen by a Baptist Health provider.

Baptist Health officials expressed regret that the breach happened and clarified that the organization makes securing patient privacy a major concern.

 According to reports, the breach was made through an unencrypted laptop containing health information for cancer patients and study participants. Officials said they are reinforcing policies to keep all devices password-protected and encrypted to prevent another breach.