Brigham and Women's Hospital Experiences Privacy Incident

The incident involved 987 different individuals’ information possibly being exposed.

By HFT Staff


Brigham and Women’s Hospital, a founding member of Mass General Brigham, is notifying 987 individuals of a privacy incident. 

During a certain research study and quality improvement project, graphs were created to illustrate certain information to share with others in the healthcare community using the public version of a commonly used data analytics tool called Tableau. These graphs were posted on the internet via the public website for the Tableau tool and created to provide only high-level and summary information. 

On June 8 of this year, BWH learned that these graphs inadvertently included a publicly accessible link to some personal and health information collected in connection with the study or project. They immediately conducted a review and promptly had the graphs and link removed on June 13, 2023. 

BWH does not believe there are any specific steps individuals should take because of this incident; the data did not involve access to or release of Social Security Numbers, financial account numbers, health insurance information or debit/credit card numbers. 

The personal information disclosed may have included individuals’ name, address, medical record number, date of birth, email address and phone number. The clinical information disclosed may have included individuals’ diagnosis, lab results, medications and procedures collected as part of the research study or quality improvement project. The link regarding the research study was publicly accessible between February 25, 2018, to June 13, 2023, and the link regarding the quality improvement project was publicly accessible between January 14, 2023, to June 13, 2023. 

Appropriate steps have been taken to mitigate and help prevent incidents like this from occurring in the future, including providing privacy and security reminders regarding the use of Tableau.  



August 29, 2023


Topic Area: Information Technology , Security


Recent Posts

Disinfectant Dispensers in Healthcare Facilities Often Fail to Deliver Safe Concentrations: Study

Study of 10 hospitals finds 90 percent have at least one dispenser delivering disinfectants at incorrect concentrations.


Duke University Health System Receives $50 Million for Proton Beam Therapy Center

The donation is the largest philanthropic gift received by Duke University Health System.


UT Southwestern Experiences Data Breach Through Calendar Tool

The incident occurred in October.


Protecting Patient Data: Strategies and Tactics

As cyber threats and breaches grow, healthcare organizations and facilities need a better approach to cybersecurity.


Duke Health to Acquire Lake Norman Regional Medical Center

The closing is projected for the first quarter of 2025.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.