An employee email account from Sacramento, Calif.-based UC Davis Health was accessed by an unauthorized party, potentially breaching some patients' protected health information.
On May 24, the health system's IT security team learned of the incident and determined that the email was used to coordinate follow-up care appointments for patients, according to a July 27 breach notification from the health system.
Due to this, patient information such as names could have been breached by the unauthorized party. UC Davis Health did not specify other types of information that could have been within the emails or list the number of patients affected.
The health system is offering free credit monitoring to those affected and said it froze the email account upon detection of the incident and provided the employee with additional security training.