Myriad Genetic Laboratories, Inc.

Name of Entity
Myriad Genetic Laboratories, Inc.
Organization Type
Healthcare, Medical Providers & Medical Insurance Services
Address

UT
United States

Description
An employee of the covered entity (CE), Myriad Genetic Laboratories, Inc., emailed unsecured protected health information (PHI) to his personal email account as a means of storing the information he used to carry out his job functions. The PHI of the affected 643 individuals included patients’ names, dates of birth, addresses, physicians’ name, genetic test results, test identification numbers, family and personal medical histories, and family pedigree information. The CE provided breach notification to HHS and affected individuals and also posted substitute notice of the breach. It also provided one year of free identify theft protection services to affected individuals. Following the breach, the CE revised its procedures for encrypting emails containing PHI and retrained the employee who had caused the breach. OCR provided technical assistance regarding the risk analysis and risk management requirements of the Security Rule.
Location of breached information: Email
Business associate present: No
Date of Breach
01/01/2014