On October 10, 2024, UT Southwestern was made aware of an unintentional improper disclosure of protected health information. UT Southwestern has received no indication that the information has been used inappropriately but is notifying those involved out of an abundance of caution and in accordance with UTSW policy.
Workforce members using a third-party calendar management tool inadvertently permitted vendor access to some calendars, which in some instances included patients’ protected health information.
This may have included information such as name, date of birth, medical record number, phone number, date of service of planned services, medical diagnosis, lab results, medication information, insurance benefits information, and, in some instances, partial social security numbers. It did not include credit card numbers or other financial account information.
UTSW has implemented robust processes to limit the amount of information shared with third-party vendors and will continue monitoring for sensitive data leaving its network and systems.
Healthcare and Resilience: A Pledge for Change
Texas Health Resources Announces New Hospital for North McKinney
Cedar Point Health Falls Victim to Data Breach
Fire Protection in Healthcare: Why Active and Passive Systems Must Work as One
Cleveland Clinic Hits Key Milestones for Palm Beach County Expansion