Thursday, October 29, 2015

Hospital Employee Fired for Privacy Breach of Patients' Records

A South Carolina hospital employee has been terminated for inappropriately accessing a number of patients' personal data.

Information the employee obtained included patient name, date of birth, driver's license number, insurance information, clinical diagnosis, and possibly Social Security numbers. The breach came to the hospital's attention when other employees began reporting in July 2015 that their insurers had recorded unpaid balances and charges for a prescription cream. Investigated found the employee had been inappropriately accessing patient medical records from January 2014 until August 12, 2015.

"accessing patient medical records "in a manner that was inconsistent with her job functions, hospital procedures and ... training," between Jan. 1, 2014 and Aug. 12, 2015." - Hospital statement
It is unclear why the privacy breaches went on for over one and a half years. And as is all too often the case it seems the hospital learned of the breaches from third parties. Healthcare organizations seeking to proactively detect data privacy breaches and identity theft, even if they occur only once, can utilize identity and activity analytics.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by insiders such as employees, contractors, providers, and vendors.
Sources:
(a) Employee fired after St. Francis data breach - www.GreenvilleOnline.com, 10/26/2015

No comments:

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.