Skip to Content, Navigation, or Footer.

ASU reveals thousands of students' email addresses in HIPAA violation

The University unintentionally released the email addresses of 4,000 students

Students leaving the Memorial Union on Monday, Nov. 2, 2015, on the Tempe campus.
Students leaving the Memorial Union on Monday, Nov. 2, 2015, on the Tempe campus.

ASU unintentionally revealed the email addresses of thousands of its students over the summer, breaching federal health privacy laws. 

In late July, an ASU office sent mass emails regarding health insurance renewal to select students but failed to conceal their email addresses, and in some cases, recipients' names. 

On Aug. 16, the University notified 4,000 students that their email addresses were unintentionally exposed, violating the Health Insurance Portability and Accountability Act, or HIPAA.

The University deleted over 2,540 of the messages in an attempt to limit the release of the students’ information, and over 1,130 of those emails sent were unread, a University spokesperson said. 

Health information that is protected under HIPAA includes any information related to an individual's health care that identifies the individual by name, email address or other identifiers.

No other protected health information was released, the University spokesperson said.

HIPAA is designed to protect patients' privacy regarding medical information and allow them to have more control over their information by setting limits on the use of their health records. 


Reach the reporter at bstoshne@asu.edu and follow @itsbrennaaaa on Twitter. 

Like The State Press on Facebook and follow @statepress on Twitter.


Continue supporting student journalism and donate to The State Press today.

Subscribe to Pressing Matters



×

Notice

This website uses cookies to make your experience better and easier. By using this website you consent to our use of cookies. For more information, please see our Cookie Policy.