St. Elizabeth's Medical Center

Under Review: 
No Review
Date Breach Made Public: 
February 9, 2012
Boston , MA
United States
Massachusetts US
Records Breached: 


Breach Total Number: 
6 831
Year of Breach: 
Type of organization: 
Type of breach: 

St. Elizabeth's Medical Center became aware of sensitive paperwork that was found exposed miles away from the medical center's Brighton campus.  St. Elizabeth's immediately sent someone to recover the documents.  It is unclear how the documents ended up in the area and a vendor may have been the source of the breach.  The types of information exposed were not revealed.

UPDATE (4/09/12): The total number of patients who were notified is 6,831.  The documents contained billing information such as patient names, hospital account numbers, credit card numbers and security codes.  The breach was discovered when someone saw the credit card payment receipts of at least five patients flying through a field.  There is no evidence that more than five patients were affected, however, it is unclear how those receipts escaped destruction.

UPDATE (7/14/2015): "A Massachusetts hospital has agreed to pay $218,400 and implement a corrective action plan to correct deficiencies in its Health Insurance Portability and Accountability Act compliance program under a recently unveiled no-fault resolution agreement with federal officials."

More Information: