« Information Technology
  

Harris Health Reports 10-Year Data Breach

Their investigation determined that the impermissible access to patient information occurred between January 4, 2011, and March 8, 2021.

By HFT Staff


Harris Health is notifying some of its patients regarding a privacy incident involving an employee’s access to electronic medical records without a work-related reason. 

On February 10, 2021, Harris Health learned that an employee may have accessed certain patients’ electronic medical records without a work-related reason. Harris Health quickly launched an investigation with the assistance of a nationally-recognized forensic firm, reported the incident to law enforcement and terminated the employee permanently. While working with law enforcement, Harris Health determined that the former employee disclosed some patient information to unauthorized individuals.  

Because it could have impeded their investigation, law enforcement required Harris Health to delay notifying patients of this incident. Harris Health is now notifying patients as quickly as possible after receiving permission from law enforcement to do so. To date, Harris Health has not been able to determine which specific patients’ information was disclosed outside the organization but is notifying all patients whose electronic medical record may have been impermissibly accessed by the former employee. 

Harris Health’s investigation determined that the impermissible access to patient information occurred between January 4, 2011, and March 8, 2021. The patient information involved may include: demographic information (name, date of birth, address, email address, telephone number, medical record number); clinical information (diagnoses, medical history, medications, immunizations, provider name, dates of service); and insurance information, which for a limited number of patients may have contained their Social Security number. 

Harris Health terminated the employee responsible for the incident and will continue to take steps to help prevent a similar incident from occurring in the future, including thoroughly investigating privacy complaints and providing ongoing training to its workforce of the importance of protecting patient privacy. Harris Health has also implemented enhanced proactive monitoring and auditing capabilities that will assist Harris Health in detecting and preventing similar incidents from occurring in the future. 



October 9, 2025


Topic Area: Information Technology , Security

Recent Posts

Hand, Foot and Mouth Disease on the Rise

A number of states are reporting an uptick in HFMD, a highly contagious viral illness that primarily affects infants and young children.

BayCare Reveals Pagidipati Children's Hospital at St. Joseph's

It is a freestanding facility scheduled to open in 2030.

Preparing for the Hazards of Winter Weather

Winter is here and healthcare facilities must be ready for inclement weather to prevent slips and falls.

Why Identity Governance Is Becoming a Facilities Management Issue

As healthcare buildings grow more connected, weak identity controls can expose HVAC, security and other critical systems to serious risk.

Habitat Health Opens South Los Angeles PACE Center

The new center strengthens the local care infrastructure, delivering integrated medical, social and in-home care.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.