Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: University Hospital Newark notifies OCR of data breach

The University Hospital Newark ('UH') notified, on 8 October 2021, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting  9,329 individuals. In particular, the UH stated that between 1 January 2016 and 31 December 2017 some personal health information of individuals had been accessed by one of UH's employees who had also provided patient information to unauthorised individuals. In addition, the UH stated that the information involved for each individual may have included names, addresses, dates of birth, social security numbers, health insurance information, medical record numbers, and clinical information related to care received. Moreover, the UH highlighted that this incident did not affect all patients, but only certain patients treated in the emergency department of the hospital, following motor vehicle accidents between 2016 and 2017. Lastly, the UH stated that it is notifying all potentially affected individuals and is offering to those patients a complimentary one-year credit monitoring and identify protection membership.

You can access details on the OCR Portal here and read the UH's notice here.