« Information Technology
  

Harris Health Reports 10-Year Data Breach

Their investigation determined that the impermissible access to patient information occurred between January 4, 2011, and March 8, 2021.

By HFT Staff


Harris Health is notifying some of its patients regarding a privacy incident involving an employee’s access to electronic medical records without a work-related reason. 

On February 10, 2021, Harris Health learned that an employee may have accessed certain patients’ electronic medical records without a work-related reason. Harris Health quickly launched an investigation with the assistance of a nationally-recognized forensic firm, reported the incident to law enforcement and terminated the employee permanently. While working with law enforcement, Harris Health determined that the former employee disclosed some patient information to unauthorized individuals.  

Because it could have impeded their investigation, law enforcement required Harris Health to delay notifying patients of this incident. Harris Health is now notifying patients as quickly as possible after receiving permission from law enforcement to do so. To date, Harris Health has not been able to determine which specific patients’ information was disclosed outside the organization but is notifying all patients whose electronic medical record may have been impermissibly accessed by the former employee. 

Harris Health’s investigation determined that the impermissible access to patient information occurred between January 4, 2011, and March 8, 2021. The patient information involved may include: demographic information (name, date of birth, address, email address, telephone number, medical record number); clinical information (diagnoses, medical history, medications, immunizations, provider name, dates of service); and insurance information, which for a limited number of patients may have contained their Social Security number. 

Harris Health terminated the employee responsible for the incident and will continue to take steps to help prevent a similar incident from occurring in the future, including thoroughly investigating privacy complaints and providing ongoing training to its workforce of the importance of protecting patient privacy. Harris Health has also implemented enhanced proactive monitoring and auditing capabilities that will assist Harris Health in detecting and preventing similar incidents from occurring in the future. 



October 9, 2025


Topic Area: Information Technology , Security

Recent Posts

EV Charging Stations: Planning for Safety, Convenience, Expansion

Managers need to ensure patient access, coordinate with clinical operations and ensure every phase of construction supports the facility's mission.

Why Ambulatory Surgery Centers Are Turning to Dedicated HVAC Systems

Design experts from Neenan Archistruction explain how single-unit HVAC systems for each operating room enhance infection control, comfort, and resiliency.

Ground Broken on UW Health University Row Medical Center

Construction is expected to be completed by the end of 2027.

Better, More Thorough Cleaning Saves Lives

Cleanliness is the first line of defense to protect patients from killer pathogens, but many hospitals refuse to make it a priority.

Encompass Health Opens the Rehabilitation Hospital of Amarillo

The 50-bed inpatient rehabilitation hospital is now accepting patients.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.