We are providing this public notice as a part of our commitment to ensure the privacy and security of protected health information and to make you aware of a recent incident that involved the accidental breach of protected health information rendering such information personally identifiable. We have effective compliance policies, procedures and employee training in place to prevent these types of situations, but unfortunately, human error was the cause in this isolated case.
On January 28, 2020, a NeoGenomics employee was corresponding with a patient regarding a form the patient needed to complete and return to NeoGenomics. When creating the email, the employee mistakenly attached an incorrect document and failed to review the email before sending to ensure the correct document had been attached. Instead of attaching the requested form, the employee mistakenly attached an Excel file containing unsecured protected health information of 911 patients who received laboratory testing from NeoGenomics during the period from January 2018 through October 2019. NeoGenomics received notification of the error on January 28, 2020 by the patient who received the email with the incorrect document.
What Protected Health Information was Involved?
For the 911 patients affected by the incident, the following protected health information was involved: the patient’s first and last name, date of birth, the clinical laboratory tests performed by NeoGenomics, and the name of the organization with which the patient’s healthcare provider was affiliated. No laboratory test results or financial information was disclosed.
What Action was Taken by NeoGenomics?
The individual who received the protected health information notified NeoGenomics that the individual received the information in error and provided NeoGenomics confirmation in writing that the information was deleted. Therefore, NeoGenomics believes in good faith that the protected health information of the individuals affected has not been used nor will it be further disclosed.
Further, the NeoGenomics employee involved in this incident has been retrained on NeoGenomics’ data protection policies and procedures. NeoGenomics is also in the process of sending written reminders to all NeoGenomics’ employees of the importance of verifying that emails and their attachments are correct before sending them. Finally, NeoGenomics is providing free credit monitoring services to those individuals who were affected by this incident.
Who Can I Call for Further Information and Assistance?
If you require further information regarding this incident and how you may have been affected, please call 866) 776-5907 x6900. NeoGenomics is available to answer your questions and, if appropriate, will provide you with instructions on how to apply for free credit monitoring.
Your trust is a top priority for NeoGenomics, and we deeply regret any concern or inconvenience this accidental incident may cause. The privacy and security of our patient’s health care information is a matter NeoGenomics takes very seriously and we will continue to evaluate and improve our internal compliance processes and procedures to ensure the confidentiality of the protected health information we receive.