The employee breached the hospital's electronic medical records (EMR) and saw names, home addresses, phone numbers, email addresses, medical and health-insurance account numbers and also some patients' Social Security numbers and personal financial account information, including credit card and debit card numbers.
"This sounds like a very serious case of medical identity theft."The breach was not discovered until the hospital looked into an allegation of unauthorized access to its EMR. University Hospitals discovered Oct. 2 that the access occurred from January 2011 through June 2014. Healthcare organizations seeking to proactively detect privacy breaches, rather than have third parties bring them to their attention, can utilize low-cost on-demand SaaS analytics services.
- Pam Dixon, World Privacy Forum
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) University Hospitals: Employee gained unauthorized access to 692 patient files in breach - www.Cleveland.com, 11/28/2014