BronxCare Network
• Important Notice to Patients
Potential Disclosure of Personal Health Information
On August 27, 2013, we learned that Professional Transcription Company (PTC), a company that was hired by us to transcribe dictated physician reports, had hired a subcontractor, Bahoo.net (Bahoo), which allowed certain transcriptions to be publicly available through Bahoo’s website and through certain search engines (e.g., Google). Upon investigation, it was determined that Bahoo failed to adequately secure its File Transfer Protocol (FTP) site allowing certain transcriptions to be viewable. The information in the transcriptions included patient names, type of treatment/procedure, diagnoses and dates of service, but did not include social security numbers, financial information, contact information or any other personal information in the patients’ medical records.
As soon as the incident was identified, Bahoo closed its website and destroyed the hard drive so that the public could no longer view such personal information on the website. The unintended consequence of Bahoo’s decision to destroy the hard drive is that it is not possible to identify the specific dates the personal information was posted or whose information was publicly viewable. To be cautious, we notified by mail all patients whose information was sent to PTC over the past four years.
In addition to taking these steps, Bahoo worked with the internet provider to prevent the transcriptions from being viewable in the internet search. We also hired a technical consultant to work with the other search engines to ensure the removal of any transcriptions that might still be viewable. Although no financial information was included, patients were advised that if they become aware of any suspicious activity in their accounts, they should report it to immediately to us.
If you have any questions or wish to make a report, please call us at the Call Center, 877-451-9361 (toll free), Monday through Friday, 9 am to 6 pm.
The security of patient information is critically important to us, as it is to our patients. We will continue to take all steps necessary to meet this goal and in furtherance of our mission of needed health care to the communities we serve.
Bronx-Lebanon Hospital Center
Dr. Martin Luther King, Jr. Health Center
Dr. Martin Luther King, Jr. Health Center
On August 27, 2013, we learned that Professional Transcription Company (PTC), a company that was hired by us to transcribe dictated physician reports, had hired a subcontractor, Bahoo.net (Bahoo), which allowed certain transcriptions to be publicly available through Bahoo’s website and through certain search engines (e.g., Google). Upon investigation, it was determined that Bahoo failed to adequately secure its File Transfer Protocol (FTP) site allowing certain transcriptions to be viewable. The information in the transcriptions included patient names, type of treatment/procedure, diagnoses and dates of service, but did not include social security numbers, financial information, contact information or any other personal information in the patients’ medical records.
As soon as the incident was identified, Bahoo closed its website and destroyed the hard drive so that the public could no longer view such personal information on the website. The unintended consequence of Bahoo’s decision to destroy the hard drive is that it is not possible to identify the specific dates the personal information was posted or whose information was publicly viewable. To be cautious, we notified by mail all patients whose information was sent to PTC over the past four years.
In addition to taking these steps, Bahoo worked with the internet provider to prevent the transcriptions from being viewable in the internet search. We also hired a technical consultant to work with the other search engines to ensure the removal of any transcriptions that might still be viewable. Although no financial information was included, patients were advised that if they become aware of any suspicious activity in their accounts, they should report it to immediately to us.
If you have any questions or wish to make a report, please call us at the Call Center, 877-451-9361 (toll free), Monday through Friday, 9 am to 6 pm.
The security of patient information is critically important to us, as it is to our patients. We will continue to take all steps necessary to meet this goal and in furtherance of our mission of needed health care to the communities we serve.
THE HOSPITAL
