A certified medical assistant had unauthorized access to electronic patient records between February 2010 and September 2013. She was able to access demographic information, clinical information, health insurance information and the last four digits of social security numbers. The employee has been terminated.
"Between February, 2010 and September, 2013, employee had unauthorized access to name, address, telephone number, date of birth), clinical information, health insurance information, and the last four digits of these patients’ social security number."It is unclear why this unauthorized access was allowed for three years or what prompted the investigation that discovered the data privacy breaches. Healthcare organizations that want proactive data privacy breach detection, even by authorized users, can utilize low-cost on-demand SaaS analytics services.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Allina Health Notifies 3,000 Patients of Security Breach - www.Kare11.com, 10/27/2013