UW Medicine data breach: Approximately 974,000 affected patients

Approximately 974,000 University of Washington medical patients are affected by a data breach that released some names medical record numbers and other information on the Internet last December.

UW Medicine is in the process now of distributing letters to those affected with the report of the data breach.

Hospital staff said files released did not contain any medical records, patient financial information of Social Security numbers.

King County Councilmember Reagan Dunn is introducing legislation Wednesday afternoon calling on the County Executive to create a commission to investigate UW Medicine’s potential breach of public health records.

“This is a breach of data, but it’s also a massive breach of the public’s trust,” Dunn said in a statement. ”That’s why I am immediately introducing legislation requesting the County Executive to form a commission to investigate what went wrong, why it happened, and how to ensure this never happens again. The public deserves so much better.”

“UW Medicine became aware of a vulnerability on a website server that made protected internal files available and visible by search on the internet on Dec. 4, 2018,” spokeswoman Susan Gregg said in a statement. “The files contained protected health information (PHI) about reporting that UW Medicine is legally required to track, such as reporting to various regulatory bodies in compliance with Washington state reporting requirements.”

Gregg said when UW Medicine learned of the files exposure to the Internet, “we took immediate steps to remove the information from the site and initiated appropriate measures to remove saved information from any third-party sites. At this time, there is no evidence that there has been any misuse or attempted use of the information exposed in this incident.”

 

“This story was originally published by mynorthwest, on February 20”
(http://mynorthwest.com/1281738/uw-medicine-data-breach-2019/)