Henry Mayo Newhall Hospital in Valencia, CA, has discovered an employee has accessed the protected health information of certain patients without a valid business reason for doing so. The privacy breach was detected on May 8, 2023, and notification letters were sent to affected individuals on May 26, 2023.
The investigation confirmed that the employee was able to view patient information such as names, birth dates, medical record numbers, visit numbers, and clinical data such as diagnoses, vital signs and narrative clinical notes. The employee was interviewed about the unauthorized access and Henry Mayo believes the records were accessed out of curiosity and that no patient information has been further disclosed or misused. The hospital has acted per its sanctions policy and has taken steps to prevent further privacy breaches in the future, including continuing to counsel and educate staff members.
It is currently unclear how many patients have been affected.
A 'Superbug' Is on the Rise in Hospitals
The Next Generation of Security Tech in Healthcare Facilities
Encompass Health Rehabilitation Hospital of St. Petersburg Opens
Why More Facilities are Adding Gender Neutral Restrooms
Massachusetts Hospital Cyberattack Reflects Growing Vulnerability in Healthcare Systems