A hospital employee, now terminated, was caught with protected health information (PHI) that the employee was not authorized to possess nor should have had access to. The PHI was found when the employee was pulled over by local law enforcement; the PHI included names, Social Security numbers, birth dates and medical record numbers-the number of patients affected is currently unknown.
"The now terminated employee had PHI that they shouldn't have had access to...names, Social Security numbers, birth dates, and medical record numbers."It's unclear if this latest data theft is connected with the tax fraud ring prosecuted last month as the investigation is ongoing.
To proactively detect inappropriate access to PHI, even by authorized users, healthcare organizations can utilize low-cost on-demand SaaS analytics.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Tampa General Hospital investigating another data breach - HealthITSecurity.com, 08/16/2013