Confidential patient data sent to wrong company -- for 15 months
Doctors and clinics in the U.S. have been faxing information to an herbal remedy distributor
Computerworld - A small Lockport, Manitoba-based distributor of herbal remedies has for the past 15 months been mistakenly receiving faxes containing confidential information belonging to hundreds of patients with Prudential Financial Inc.'s insurance group. The data exposed in the breach -- and faxed to the company by doctors and clinics across the U.S. -- included the patients' Social Security numbers, bank details and health care information.
So far, at least, efforts to deal with the issue appear to have failed, said Jody Baxmeyer, vice president of marketing at North Regent RX, the company that's been receiving the faxes.
The situation has been caused by North Regent's toll-free fax number, which is nearly identical to one used by Prudential to receive medical claims-related information from doctors, Baxmeyer said. In fact, the two numbers differ by only one digit, Baxmeyer said.
As a result, North Regent's Lockport office has mistakenly received thousands of documents sent to the wrong fax number that involve more than 1,000 claims. The documents contain detailed patient medical histories, Social Security numbers and bank information meant for Prudential's insurance division.
Baxmeyer said his company contacted Prudential about the problem in October 2004 -- when North Regent first began operations -- and then followed up again in April 2005 when it had not heard back from the company. "Prudential's point of view was that, 'We are not the ones faxing the information,' which is ridiculous," Baxmeyer said. "They are the ones that solicited the business from doctors and clinics, and they are the ones setting up the protocols for receiving the information."
In a statement today, Prudential officials disagreed, saying the company cannot be held responsible for third parties who are sending the information to the wrong fax number.
"Prudential Financial's fax number is accurately listed on all of our forms and communications," the company said in an e-mailed statement. "Effective immediately, North Regent RX will forward to Prudential Financial all faxes it has received, as well as any it may receive in the future."
Initially, North Regent contacted the doctors' offices, clinics and even patients directly when it received a fax meant for Prudential. But the company doesn't have the resources to continue doing that, Baxmeyer said. "What happened was it became a point of distraction for us. It would have taken an effort that we were not capable of."
According to Baxmeyer, North Regent in April offered to sell its toll-free number to Prudential for a fee that included the costs of acquiring and publicizing a new toll-free fax number for North Regent. Another option it suggested
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!