South Bend, IN-based Beacon Health System (BHS) says the medical records of 3,117 patients have been accessed by an employee when there was no legitimate work reason for viewing the records. The unauthorized activity was detected on or around January 10, 2023, prompting an investigation to determine the extent of the privacy violation.
BHS said the employee’s work duties were related to patient registrations, verification of benefits, and patient placements within the hospital. As such, security privileges allowed access to clinical documentation in medical records, as access to clinical information was occasionally necessary. The investigation confirmed on February 20, 2023, that the medical record access was unrelated to the employee’s work duties, with the period of access spanning from November 18, 2018, to February 24, 2023.
The information accessed included names, addresses, birth dates, Social Security numbers, and clinical information such as diagnoses, emergency care treatment information, labs and diagnostic testing, operative and anesthesia documentation, ancillary clinical documentation and medical histories. BHS said notification letters are being sent to affected individuals and confirmed that the employee no longer works at BHS.
Making the Energy Efficiency Case to the C-Suite
How to Avoid HAIs This Flu Season
Design Phase Set to Begin for Hospital Annex at SUNY Upstate Medical
Building Hospital Resilience in an Era of Extreme Weather
Ennoble Care Falls Victim to Data Breach