On March 26, 2018, Mississippi State Department of Health submitted a HIPAA Email Breach to the U.S. Department of Health and Human Services (HHS). Located in Jackson, MS, the Mississippi State Department of Health's email breach affected 30799 individuals’ protected health information. Mississippi State Department of Health is classified as a Healthcare Provider.
According to Mississippi State Department of Health press release:
Health information, including names, date of birth, Social Security number, or lab results, were released Jan. 25 to J Michael Consulting, a contractor for the Centers for Disease Control and Prevention. “This could have resulted in an unauthorized disclosure, since the information was not meant to be shared,” MSDH officials said in a news release. MSDH officials became aware Jan. 30 that an employee “unknowingly” emailed an Excel spreadsheet containing patients’ protected health information. “Each person who mistakenly received the spreadsheet said they deleted all traces of the email from their inbox and did not share the email or what was in it. It is unlikely that the personal information was viewed by anyone,” MSDH officials added. “However, because this email was sent unprotected, there is a possibility that it was seen by someone who could misuse it. MSDH has taken steps to increase security and lessen any harm that could be caused to any individual patient.” Officials ask that anyone who was treated at the Mississippi State Department of Health, or any of its clinics, in 2017 and is concerned about possible unauthorized disclosure of information contact Nicole Litton or Christin Williams at 601-576-7874. The Mississippi State Department of Health will offer free credit monitoring protection for one year, for clients whose information was included in the spreadsheet.
The HHS Wall of Shame is a website under the jurisdiction of HHS that lists all HIPAA breaches reported within the last 24 months. The Wall of Shame displays breaches that are currently under investigation by the Office for Civil Rights. As part of section 13402(e)(4) of the HITECH Act, the HHS Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals.
The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals as reported in the HHS Wall of Shame.