A worker at Trios Health, which is anchored by Trios Southridge Hospital in Washington State, was utilizing its electronic health record (EHR) system not just to perform job duties but to also look up data on sufferers outside of the employee's job function.
The tragedy is the latest in a spate of breaches at healthcare agencies by insiders.
The Trios Health breach was discovered by its health information management department on the day of March 14. Compromised data involved dates of service, diagnoses, demographic information, Social Security numbers, driver’s license numbers, phone numbers and email addresses.
After an inquiry, the agency put in new EHR use restrictions to staff within the worker’s department and terminated the employee. The inquiry continues and as does extra privacy training and new standard auditing procedures to secure PHI. Notification letters to about 600 affected patients started being mailed on the day of May 29.
Trios Health is providing a year of identity theft, credit and fraud monitoring protection services for affected sufferers through Identity Force. Spokespersons for the agency didn’t respond to a request for extra information.
Other breaches at healthcare agencies of protected health information caused by insiders involve the following:
* At Med Center Health in Kentucky, a worker took data on 2 occasions to develop an outside business.
* Beacon Health System in Indiana discovered a worker had been accessing patient emergency department records for 3 years without permission or a reason to view them.
* A volunteer at NYC Health + Hospitals inadvertently caused a breach because she managed protected health information before being completely vetted and trained by the human resources department.
* 2 employees in the patient transport department at the institute of Vanderbilt University Medical Center were inappropriately accessing patient records by gaining more information than required to do their jobs.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment