According to an announcement made by Delaware Division of Public Health (DPH) on Sunday 15 November, the agency suffered data breach that led to leakage 10.000 test results COVID-19. Affected patients have already begun receiving letters informing them of the incident.
According to the letter, on September 16, 2020 Ministry of Health and Social Services found that a DPH employee mistakenly sent two unencrypted e-mail, one on 13 August 2020 and one on 20 August 2020, to an unauthorized user.
The emails sent to this user contained COVID-19 test results for approximately 10.000 individuals.
The email on August 13 included test results for individuals tested between July 16, 2020 and August 10, 2020, while the email on August 20 included test results for individuals tested on August 15, 2020.
According to the agency, these emails were intended for internal use by call center staff who help people receive Results of their examinations.
They said the emails were sent by mistake to a single unauthorized user and that the person notified DPH of the receipt of the emails. As mentioned by the organization the emails and attachments archives that included have now been deleted.
There is currently no evidence to suggest that any of these have been abused information leaked.
DPH stated that they have reviewed and strengthened the relevant policies and procedures regarding portability and health insurance liability and that staff have been retrained in HIPAA.
DPH has also set up a dedicated call center, separate from the COVID-19 call center, to answer any questions about this data breach, which can be addressed from Monday to Friday to those affected by the leak.