BWH research data breached via Tableau

Brigham and Women’s Hospital released a statement and sent a letter to affected on Aug. 4 alerting them that specific research posted on Tableau’s website in 2018 and in 2023 inadvertently included a publicly accessible link to some personal and health information.

Collected in with the original unnamed – or in connection with a quality improvement project that included that study’s data – the personal information disclosed may have included the name, address, medical record number, date of birth, email address and phone number of patients that participated in the related research, said BWH officials in Friday’s announcement. 

“The clinical information disclosed may have included your diagnosis, lab results, medications, and collected as part of the study or project,” health officials say they learned on 8. “Not all individuals had the same data involved.” 

That means the links were publicly accessible between Feb. 25, 2018, and June 13, 2023.

The hospital stated that there was no “access to or release of” Social numbers, financial account numbers, other health insurance information or debit/credit card numbers. 

“These graphs were posted on the internet via the website for the Tableau tool and were created to provide only high-level and summary information,” said BWH officials, noting that the health system is reviewing its and security requirements governing use of Tableau software.

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org

Healthcare IT News is a HIMSS Media publication.

Source link