The hospital then conducted an internal investigation and determined the employee had access to patient information such as name, date of birth, Social Security number, and address from May 6, 2002 to March 4, 2014.
"Our investigation has determined that the employee had access to patient information...between May 6, 2002 and March 4, 2014."As is unfortunately all to often the case in healthcare organizations, the hospital first learned of the breaches from law enforcement. Organizations that seek to proactively detect identity theft and data privacy breaches can utilize low-cost on-demand SaaS analytics services.
- Hospital announcement
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) UMass Medical Center alerts patients to insider data theft that may date back to 2002 - www.PHIprivacy.net, 05/05/2014