Columbia University Irving Medical Center Patient Data Exposed Online

Columbia University Irving Medical Center (CUIMC) submitted a data breach report to the HHS’ Office for Civil Rights on May 6, 2024 indicating that 29,629 individuals were affected.

New York-Presbyterian (NYP) and CUIMC were informed of the breach of patient information on an online platform. After securing and deleting the file from the platform, the breach was investigated. It was confirmed that a NYP/CUIMC worker unintentionally uploaded the data in August 2023 as he/whe was doing quality-related data analysis.

The file included patient laboratory information, such as first and last name, birth date, medical record number, name of provider, and single lab test data. NYP/CUIMC stated the laboratory result wouldn’t show diagnostic data of patients. The forensic investigation revealed proof on March 8, 2024 that unknown and unauthorized third parties accessed the file from September 11, 2023, to March 7, 2024. The breach did not affect financial information, email addresses, Social Security numbers, or telephone numbers that were included in the file. Those who have a valid mailing address on file already got a breach notice.

The type of breached information doesn’t put the impacted persons in danger of identity theft; nevertheless, NYP/CUIMC advises the impacted patients to keep track of their health plan statements for strange entries. When impacted individuals find any healthcare service listed on a statement that they didn’t receive, they should get in touch with their health plan. The impacted persons were informed and NYP/CUIMC is analyzing further security improvements and will keep educating the employees concerning the proper management of patient information.

CUIMC is serious about its responsibility to protect patient personal data and is dedicated to securing patient privacy. Security will be further enhanced and employees will get HIPAA training, particularly on handling of patient data to help avoid the same incidents.

Patients who have concerns regarding this incident can call the designated telephone line at 1-866-528-5216, from Monday to Friday 9:00 a.m. to 6:30 p.m. Eastern Time, except during holidays.

It is uncertain whether CUIMC offered to provide the affected individuals with credit monitoring and/or identity theft protection services at this time. Around 29,600 people were impacted by the Columbia University Irving Medical Center data breach.

Columbia University Irving Medical Center (CUIMC) is an educational medical center established in New York City. It is associated with Columbia University and acts as a center for healthcare education, research, and patient treatment. CUIMC includes four main schools: Vagelos College of Physicians and Surgeons, College of Dental Medicine, Mailman School of Public Health, and School of Nursing. Together with the NewYork-Presbyterian Hospital center works to give complete healthcare services.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

John Blacksmith

John Blacksmith is a journalist with several years experience in both print and online publications. John has specialised in Information technology in the healthcare sector and in particular in healthcare data security and privacy. His focus on healthcare data means he has specialist knowledge of the HIPAA regulations. John has a degree in journalism.