I was lucky enough to grab a simple version of my name for an email address. The downside of this is that I receive a lot of carelessly misaddressed emails to other people who share my first and last name. I've found that people (and institutions who should absolutely know better) fire off the most amazing things over email without even bothering to make sure they have the right address.
I finally tracked down the Sharon in Birmingham to let her know that her temple had the wrong email on the mail distribution for the Gift Shop Committee and I was receiving all her meeting minutes - including financial details of the operation of the gift shop. I've also gotten legal papers related to real estate transactions for a different Sharon. But the worst breach of security common sense was today's arrival:
followed by a login and a password in clear text!! What are these idiots THINKING, sending sensitive information like that to an unverified email address? They should be sued. Of course this email came from a no-reply address, so I can't even do what I usually do - reply to the email with a polite note that it was sent to the wrong email.
I finally tracked down the Sharon in Birmingham to let her know that her temple had the wrong email on the mail distribution for the Gift Shop Committee and I was receiving all her meeting minutes - including financial details of the operation of the gift shop. I've also gotten legal papers related to real estate transactions for a different Sharon. But the worst breach of security common sense was today's arrival:
Dear Sharona ,
At CityMD we are committed to making managing your health as simple as possible. As a CityMD patient, you now have the opportunity to access our new patient portal.
With the CityMD patient portal, you will be able to:
- View your visit summary
- Confidentially access labs and test results
- Access your records 24 hours a day, 7 days a week
Please use the followin to login:
followed by a login and a password in clear text!! What are these idiots THINKING, sending sensitive information like that to an unverified email address? They should be sued. Of course this email came from a no-reply address, so I can't even do what I usually do - reply to the email with a polite note that it was sent to the wrong email.
no subject
Date: 2016-03-13 07:00 pm (UTC)K.
no subject
Date: 2016-03-13 11:15 pm (UTC)no subject
Date: 2016-03-14 12:31 am (UTC)http://www.hhs.gov/hipaa/filing-a-complaint/what-to-expect/index.html
no subject
Date: 2016-03-14 12:59 am (UTC)