The patient contacted Tampa General and they fired the nurse for "inappropriate access" to records. But the patient said "The damage is done."
"Though many worry about anonymous hackers drilling into electronic medical records, this case shows that old-fashioned gossips remain a threat." - Tampa Bay TimesIt seems the hospital was unaware of the breach until the patient brought it to their attention. Unfortunately this is often the case when healthcare organizations are not proactively auditing for inappropriate access.
While in 2011 Tampa General adopted an EMR that limits access based on job duties, this is an insufficient approach. Analysis of what healthcare workers' actually do, not just their assigned role, is necessary. Such analysis in now available as low-cost on-demand SaaS.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Medical records breach at Tampa General, USF exposes woman's secrets - Tampa Bay News, 06/28/2013