This person, who was not authorized to access medical records, may have viewed such information as patient name, address, dates of birth, Social Security number, driver's license number, insurance policy number, medical condition. It seems they gained access using passwords of authorized system users.
"The information that may have been accessed for the impacted patients include names, home addresses, dates of birth, medical and health insurance account numbers, and health information related to patient treatment." - ABC 9 NewsThe hospital discovered the unauthorized access during an audit and says it will now perform more frequent audits. Healthcare organizations that want proactive detection of unauthorized access to patient data, by insiders, or those posing as insiders, are utilizing low-cost on-demand SaaS analytics services.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) 70 Siouxland Patients Involved in UnityPoint Security Breach - www.kcautv.com,10/03/2013