Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Walgreens
Reported a breach of medical information involving at least 500 people to the U.S. Department of Health and Human Services, Office for Civil Rights; the report was received on December 15, 2014. Also cited in 199 other reports.
Report ID: IL070, U.S. Department of Health and Human Services, Office for Civil Rights
Reported Entity: Walgreen Co.
Issue:
The covered entity (CE), Walgreens, mailed patient notification letters to incorrect third parties. The letters included first and last names, addresses, dates of birth, phone numbers, provider names, and details of the vaccines administered and affected approximately 160,000 individuals. The CE provided breach notification to HHS, affected individuals, and the media, and placed notice on its website. Following the breach, the CE resolved issues in its use of the electronic health record (EHR) that were factors in the breach, updated data in the prescriber database and trained its staff on the new requirements. As a result of OCRs investigation, Walgreens improved safeguards by resolving two issues in its use of the EHR.