NYU Langone Health

NYU Langone Health suffered from a data breach incident that exposed 2000 Patient Information.

The compromised information includes name, date of birth, date of service, diagnosis code, current procedural terminology code, insurer name and identification number, and potentially other short related comments, such as any insurance approval or denial information and inpatient or outpatient status.

They took steps to ensure that a similar incident would not occur.

Staff was re-educated on the importance of safeguarding patient information and the practice updated its workflow to protect such information further.

Source: https://www.databreaches.net/nyu-langone-health-notifies-patients-of-improperly-disposed-binder-containing-patient-information/

TPRM report: https://scoringcyber.rankiteo.com/company/nyulangonehealth

"id": "nyu7191323",
"linkid": "nyulangonehealth",
"type": "Breach",
"date": "12/2017",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 2000,
                        'industry': 'Healthcare',
                        'location': 'New York, USA',
                        'name': 'NYU Langone Health',
                        'type': 'Healthcare Provider'}],
 'data_breach': {'number_of_records_exposed': 2000,
                 'personally_identifiable_information': ['name',
                                                         'date of birth',
                                                         'date of service',
                                                         'diagnosis code',
                                                         'current procedural '
                                                         'terminology code',
                                                         'insurer name and '
                                                         'identification '
                                                         'number'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)',
                                              'Health Information']},
 'description': 'A data breach at NYU Langone Health exposed 2000 patient '
                'records, including names, dates of birth, dates of service, '
                'diagnosis codes, procedural terminology codes, insurer names '
                'and identification numbers, and other related comments.',
 'impact': {'data_compromised': ['name',
                                 'date of birth',
                                 'date of service',
                                 'diagnosis code',
                                 'current procedural terminology code',
                                 'insurer name and identification number',
                                 'insurance approval or denial information',
                                 'inpatient or outpatient status']},
 'lessons_learned': 'Importance of safeguarding patient information and '
                    'updating workflows to protect data.',
 'post_incident_analysis': {'corrective_actions': ['Re-educated staff on '
                                                   'safeguarding patient '
                                                   'information',
                                                   'Updated workflow to '
                                                   'protect patient '
                                                   'information']},
 'response': {'remediation_measures': ['Re-educated staff on safeguarding '
                                       'patient information',
                                       'Updated workflow to protect patient '
                                       'information']},
 'title': 'NYU Langone Health Data Breach',
 'type': 'Data Breach'}

NYU Langone Health

Dansons

TEP Holdings, LLC

Bolton Global