An accidental e-mail exposed confidential medical information at The Regional Medical Center in Memphis. Hundreds of The MED's patients received letters this week warning their personal information and some of their medical histories had been compromised.
A spokeswoman for The MED says an employee sent an e-mail with an attachment that contained patient information. The e-mail went to an outside organization that shouldn't have access to patient information.
The hospital places a high priority on the security of patient records and they're taking this incident seriously.
The MED says nearly 1,200 patient records are impacted by this security breach. The information that was shared through the breach contained Social Security numbers, personal data, and some medical history.
All of the patients affected were being treated at The MED's outpatient physical therapy clinic.
The MED's IT department discovered the breach during an internal security audit. The data was sent out on March 15.
Administrators at The MED launched an internal investigation into the incident. They found this was a mistake by an employee. There was no malicious or criminal intent, just simply information being sent to someone who shouldn't have access to it.
The MED identified all of the patients who had their information sent out. Those patients all received letters explaining what happed.
In addition they are offering them one year of identity theft protection. They say out of an abundance of caution, that's because The MED is also working with the company that received the data and they don't believe the email was passed on to anyone else.
The MED is also retraining all of its employees on information security procedures as they want to prevent this from happening again.
MORE: Identity crisis: http://www.myfoxmemphis.com/story/22200584/identity-crisis
MORE: Too much data online?: http://www.myfoxmemphis.com/story/22201686/too-much-data-online
MORE: Hacking Memphis: http://www.myfoxmemphis.com/story/22081310/hacking-memphis