RoxSan Drugstore has contacted 1,049 patients to notify them that a few of their PHIs have been shared with a business partner through the unencrypted electronic mail.
The warning letters were delivered to affected persons the previous month, even though the case occurred on January 20, 2015. In the latest press statement, Beverly Hills, CA-centered RoxSan summarized that affected persons are being warned in “as timely a method as conceivable”. The delay in dispatching notices was because of “the safeguarded type of the forensic analysis”. It’s not clear when RoxSan Drugstore became conscious of the fault.
The PHI was enclosed in a data file which was dispatched to an individual – A business partner of the drugstore – who was working in the legal area. That individual had initialed a BAA with the drugstore and was well-informed of the duties of HIPAA with regard to patients’ PHI. Nevertheless, the PHI was shared when the data file was dispatched through the unencrypted electronic mail.
The data file held just a limited amount of PHI and didn’t include patient names, Social Security numbers, personal ID information, or fiscal details.
The information was pertaining to sick persons who had medicines ordered from April 2015 to August 2015 and was limited to medical information, physicians’ names, insurance information, drug information, and patient ID details.
RoxSan hasn’t received any reports that indicated the data has been diverted and abused. Patients have been informed what measures they can take to protect their individualities and check for deceitful usage of their info as a preventive measure.
The drugstore has already acted to increase its operational safeguards to avoid any further breaches of this type from occurring.