The stolen information, such as names, dates of birth and Social Security numbers, were given by the employee to a third party. The drugstore chain is notifying patients, setting up a hotline and providing a free year of credit monitoring.
"...an employee may have stolen certain certain personal information for some of our patients and provided that information to a third party."It is unclear how the identity thefts were discovered. Healthcare organizations seeking proactive identity theft detection can utilize low-cost on-demand SaaS analytics services.
- Drugstore chain's letter to Maryland State Attorney General
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Re: Information Security Incident Notification - www.OAG.State.MD.US, 05/27/2014