Two Rivers Public Health Department (TRPHD) in Nebraska has recently confirmed that the protected health information of 15,168 patients was stored in an employee Office365 account that was accessed by an unauthorized third party.
TRPHD said suspicious activity was detected within its server infrastructure on November 9, 2022. The initial investigation conducted by a third-party IT firm concluded that patient data had not been compromised; however, out of an abundance of caution, an external forensic investigation firm was engaged to fully investigate the security breach and confirmed that an Office 365 account was accessed by an unauthorized individual between September 14, 2022, through November 8, 2022. The review of the account confirmed it contained protected health information, although the press release issued did not state what types of information had been exposed.
TRPHD said the document review was completed on March 15, 2023, and notifications were mailed to affected individuals on April 14, 2023. Additional security measures have been implemented to better secure its systems against unauthorized access.
Cleanliness Is a Measurable Outcome
Workplace Safety and the Role of Access Control
Henry Ford Hospital Celebrates Construction Milestone for Expansion Project
How EVS Leaders Can Support Staff for Better Cleaning
Addressing Infection Prevention Staffing Gaps in Ambulatory and Procedural Care