« Information Technology
  

Harris Health Reports 10-Year Data Breach

Their investigation determined that the impermissible access to patient information occurred between January 4, 2011, and March 8, 2021.

By HFT Staff


Harris Health is notifying some of its patients regarding a privacy incident involving an employee’s access to electronic medical records without a work-related reason. 

On February 10, 2021, Harris Health learned that an employee may have accessed certain patients’ electronic medical records without a work-related reason. Harris Health quickly launched an investigation with the assistance of a nationally-recognized forensic firm, reported the incident to law enforcement and terminated the employee permanently. While working with law enforcement, Harris Health determined that the former employee disclosed some patient information to unauthorized individuals.  

Because it could have impeded their investigation, law enforcement required Harris Health to delay notifying patients of this incident. Harris Health is now notifying patients as quickly as possible after receiving permission from law enforcement to do so. To date, Harris Health has not been able to determine which specific patients’ information was disclosed outside the organization but is notifying all patients whose electronic medical record may have been impermissibly accessed by the former employee. 

Harris Health’s investigation determined that the impermissible access to patient information occurred between January 4, 2011, and March 8, 2021. The patient information involved may include: demographic information (name, date of birth, address, email address, telephone number, medical record number); clinical information (diagnoses, medical history, medications, immunizations, provider name, dates of service); and insurance information, which for a limited number of patients may have contained their Social Security number. 

Harris Health terminated the employee responsible for the incident and will continue to take steps to help prevent a similar incident from occurring in the future, including thoroughly investigating privacy complaints and providing ongoing training to its workforce of the importance of protecting patient privacy. Harris Health has also implemented enhanced proactive monitoring and auditing capabilities that will assist Harris Health in detecting and preventing similar incidents from occurring in the future. 



October 9, 2025


Topic Area: Information Technology , Security

Recent Posts

How Curated Art Elevates Senior Care Spaces

Thoughtfully selected artwork can shape perception, improve flow and create a more engaging care environment.

The CDC's Guide to Hand Hygiene in Healthcare

Hand hygiene may seem simple, but the CDC has a set of guidelines that all healthcare facility managers and staff should be aware of. These are just a few of the notable tips. 

Dana-Farber, BIDMC Launch Construction of Dedicated Adult Cancer Hospital

Deconstruction begins on former Joslin site as 300-bed, oncology-focused facility moves toward a planned 2031 opening.

5 Components of an Integrated Safety Culture in Healthcare

The goal is not to create a fortress but to build a space where patients feel protected and caregivers feel empowered to deliver exceptional care.

NYC Opens Therapeutic Housing Unit for Medically Vulnerable Detainees

The NYC Health + Hospitals system has launched a 104-bed Outposted Therapeutic Housing Unit at Bellevue Hospital, offering specialized care for detainees with serious medical conditions.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.