Massachusetts General Hospital encountered a HIPAA breach when an unauthorized individual gained access to a vendor’s files. The vendor was a dental supply company.
The dental supply company held information of Massachusetts General Hospital patients, including name, date of birth, Social Security Number and in some cases, dental information. The dental supply company reported the incident after learning about the unauthorized access. Massachusetts General Hospital contacted impacted employees and posted an apology on its website.