ProMedica, a healthcare organization in Ohio potentially suffered healthcare data breach. Several employees had inappropriately accessed the private medical records for patients who were not treated directly by them. The incident has affected around 3,500 patients.
Affected information included names, addresses, phone numbers, dates of birth, insurance information, diagnoses, medications, and other clinical information exposed through the EHR system.
Patient privacy violations had occurred between May 1, 2014 and April 26, 2016. ProMedica mentioned that the staff members involved did not have valid business or clinical reasons.
ProMedica conducted an internal audit. It mentioned that the employees did not planned to keep or use the patient data accessed in an inappropriate manner. Some of the employees has been terminated for their involvement in this incident.
Facility also mentioned that it has conducted additional staff training regarding acceptable patient data access. Also, a more proactive auditing program that involves software monitoring tools that track staff activity on the EHR system is implemented.
ProMedica’s president at both hospitals, Julie Yaroch, also told that the investigation had taken so long because the healthcare organization lacked the “necessary software.”
“This is a very serious event,” added Yaroch.
ProMedica Bixby and Herrick Hospitals are members of Toledo, Ohio-based ProMedica, a mission-based, not-for-profit healthcare organization serving northwest Ohio and southeast Michigan. The 13-hospital system has more than 17,000 employees, 2,300 physicians with privileges, and more than 800 healthcare providers employed by ProMedica Physicians. Additionally it offers a health plan, Paramount, which serves 320,000 members including more than 225,000 members in the statewide Medicaid plan. Driven by its Mission to improve your health and well-being, ProMedica offers a full range of diagnostic, medical and surgical specialties in areas such as emergency medicine and trauma, behavioral health, heart and vascular, oncology, orthopaedics, neurology, and women’s and children’s services. The health system has been nationally recognized for its advocacy programs and efforts to raise awareness about hunger as a health issue.
———————————————————————————————————————————————————-
Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.