On October 10, 2024, UT Southwestern was made aware of an unintentional improper disclosure of protected health information. UT Southwestern has received no indication that the information has been used inappropriately but is notifying those involved out of an abundance of caution and in accordance with UTSW policy.
Workforce members using a third-party calendar management tool inadvertently permitted vendor access to some calendars, which in some instances included patients’ protected health information.
This may have included information such as name, date of birth, medical record number, phone number, date of service of planned services, medical diagnosis, lab results, medication information, insurance benefits information, and, in some instances, partial social security numbers. It did not include credit card numbers or other financial account information.
UTSW has implemented robust processes to limit the amount of information shared with third-party vendors and will continue monitoring for sensitive data leaving its network and systems.
Disinfectant Dispensers in Healthcare Facilities Often Fail to Deliver Safe Concentrations: Study
Duke University Health System Receives $50 Million for Proton Beam Therapy Center
Protecting Patient Data: Strategies and Tactics
Duke Health to Acquire Lake Norman Regional Medical Center