Box of Documents From Western Connecticut Health Network and Arizona State University Students’ Information Exposed

Nuvance Health informed some Western Connecticut Health Network (WCHN) patients concerning their protected health information (PHI) exp.

CHN sent to the Connecticut State Department of Public Health a package of medical documents on June 11, 2019 via the U.S. Postal Service (USPS). However, the box was damaged during shipping and exposed the documents.

Upon knowing about the damaged package, WCHN got it back from USPS. A WCHN spokesperson said there was no report suggesting that any information from the package was stolen or misused. Also, nobody seems to have taken the package from the USPS facility except when the WCHN staff picked it up.

WCHN already modified its processes for sending PHI to be sure that the same incident does not happen once again. Patients got breach notification letters from WCHN on August 19, 2019.

The types of data found in the healthcare records included the names of patients, birth dates, birth dates, medical care provider names, medical record numbers, appointments of diagnosis, diagnoses and test results.

PHI of 4,000 Arizona State University Students Impermissibly Disclosed

Arizona State University (ASU) notified 4,000 of its students concerning the impermissible disclosure of their information including email addresses and names because of a mailing error that happened recently.

The students got mail at the end of July telling them about their health insurance renewal. The email addresses should have been hidden but were visible to other ASU students who got the mailing.

When ASU discovered the error, ASU took out 2,540 messages and stated there were 1,130 unread messages.

ASU is reviewing its policies and procedures and is implementing some measures to keep the mailing error from happening once more.

About Christine Garcia 1309 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at