« Information Technology
  

Harris Health Reports 10-Year Data Breach

Their investigation determined that the impermissible access to patient information occurred between January 4, 2011, and March 8, 2021.

By HFT Staff


Harris Health is notifying some of its patients regarding a privacy incident involving an employee’s access to electronic medical records without a work-related reason. 

On February 10, 2021, Harris Health learned that an employee may have accessed certain patients’ electronic medical records without a work-related reason. Harris Health quickly launched an investigation with the assistance of a nationally-recognized forensic firm, reported the incident to law enforcement and terminated the employee permanently. While working with law enforcement, Harris Health determined that the former employee disclosed some patient information to unauthorized individuals.  

Because it could have impeded their investigation, law enforcement required Harris Health to delay notifying patients of this incident. Harris Health is now notifying patients as quickly as possible after receiving permission from law enforcement to do so. To date, Harris Health has not been able to determine which specific patients’ information was disclosed outside the organization but is notifying all patients whose electronic medical record may have been impermissibly accessed by the former employee. 

Harris Health’s investigation determined that the impermissible access to patient information occurred between January 4, 2011, and March 8, 2021. The patient information involved may include: demographic information (name, date of birth, address, email address, telephone number, medical record number); clinical information (diagnoses, medical history, medications, immunizations, provider name, dates of service); and insurance information, which for a limited number of patients may have contained their Social Security number. 

Harris Health terminated the employee responsible for the incident and will continue to take steps to help prevent a similar incident from occurring in the future, including thoroughly investigating privacy complaints and providing ongoing training to its workforce of the importance of protecting patient privacy. Harris Health has also implemented enhanced proactive monitoring and auditing capabilities that will assist Harris Health in detecting and preventing similar incidents from occurring in the future. 



October 9, 2025


Topic Area: Information Technology , Security

Recent Posts

The Role of Positive Distraction in Pediatric Design

Positive distraction by itself does not heal, but it can aid the healing process by addressing the mental well-being of an individual.

Healthcare Waste is Fueling America's Debt

As healthcare spending surpasses $5 trillion annually, facility leaders are under pressure to confront operational inefficiencies head-on.

Prairie Lakes Healthcare System to Rebrand Following Sanford Health Merger

The transition of name and branding will occur in phases beginning in late June and is part of the “Together for Good” journey.

How Digital Technologies Are Reshaping Performance in Healthcare Facilities

AI can hyper-optimize hospital operations, change the patient experience and make data-driven intelligence a foundation of hospital design.

The Role of Plumbing in Healthcare-Associated Infections

Water and plumbing systems are a dangerous source of pathogens and bacteria, so the CDC has created a set of guidelines to develop a proper water management program.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.