U of Arkansas Medical Breach Potentially Compromises Radiology Patients' Data
A doctor at the University of Arkansas for Medical Sciences (UAMS) failed to properly anonymize patient records he e-mailed to a a billing specialist, resulting in a breach of patient information that has the Little Rock, AR, school scrambling to investigate the depth of the breach. “On April 6, UAMS discovered that the data did in fact contain identifiers, including patient names, UAMS account numbers, dates of service, interventional radiology procedures, diagnosis codes, and charges and payments, for approximately 7,000...interventional radiology patients seen at UAMS during 2009, 2010 and 2011,” read a statement from the UAMS Office of Communications and Marketing. UAMS does not believe any financial or Social Security information was compromised in the slip-up, and “was assured” by the billing representative “that he did not look at or use patient names when he worked on his financial analysis.” The doctor who e-mailed the information was disciplined internally and the UAMS security team worked to permanently destroy the data in question.