On October 10, 2024, UT Southwestern was made aware of an unintentional improper disclosure of protected health information. UT Southwestern has received no indication that the information has been used inappropriately but is notifying those involved out of an abundance of caution and in accordance with UTSW policy.
Workforce members using a third-party calendar management tool inadvertently permitted vendor access to some calendars, which in some instances included patients’ protected health information.
This may have included information such as name, date of birth, medical record number, phone number, date of service of planned services, medical diagnosis, lab results, medication information, insurance benefits information, and, in some instances, partial social security numbers. It did not include credit card numbers or other financial account information.
UTSW has implemented robust processes to limit the amount of information shared with third-party vendors and will continue monitoring for sensitive data leaving its network and systems.
Strategies for Success with Life Sciences and Healthcare Projects
Building Disaster Resilience Through Collaboration
Archer Acquires MemorialCare-Anchored Orange County Medical Office Portfolio
Life Sciences and Healthcare: Reshaping Institutional Design
Arnprior Regional Health Upgrades Building Controls to Improve IEQ