Sonoma Valley Hospital Data Breach (2013)

Sonoma Valley Hospital announced today that it has notified a group of patients of a Health Insurance Portability and Accountability Act (HIPAA) privacy breach that involved the hospital inadvertently posting limited patient information on the hospital’s website. According to Richard Reid, hospital CFO and Compliance Officer, the breach occurred on February 14, 2013, and involved an employee accidentally uploading personal information for 1,350 surgery patients to the hospital website as part of a routine website update. The error was not discovered until April 17, 2013, because the information was placed on a section of the website that was not directly accessible through the website, but only through a search engine.