Rocky Mountain Spine Clinic Data Breach (2013)

A Denver-area spine clinic says it has fired an employee in its billing department who improperly emailed some patients' protected information to her personal account, but it doesn't appear anyone's personal information is at risk. Rocky Mountain Spine Clinic in Lone Tree said Wednesday that it fired the employee after the information technology department noticed she sent protected health information of 532 patients from her work email account to her personal account in June in violation of the Health Insurance Portability and Accountability Act, or HIPAA. The clinic's privacy officer says the employee told investigators she sent the file so she could work from home. Investigators verified she never opened the file before deleting it from her personal account.