http://www.healthcareitnews.com/news/four-year-long-hipaa-data-breach-discovered
By Erin McCann
Associate Editor
Healthcare IT News
January 2, 2014
In the world of HIPAA privacy and security breaches, 2013 was a big year,
and the last days of December proved no exception.
The five-hospital Riverside Health System in southeast Virginia announced
earlier this week that close to 1,000 of its patients are being notified
of a privacy breach that continued for four years.
From September 2009 through October 2013, a former Riverside employee
inappropriately accessed the Social Security numbers and electronic
medical records of 919 patients. Reportedly, the employee was a licensed
practical nurse, according to a Daily Press account. The breach wasn't
discovered until Nov. 1 following a random company audit.
"Riverside would like to apologize for this incident," said Riverside
Spokesperson Peter Glagola, in a Dec. 29 notice. "We are truly sorry this
happened. We have a robust compliance program and ongoing monitoring in
place, and that's how we were able to identify this breach. We are looking
at ways to improve our monitoring program with more automatic flags to
protect our patients."
The practical nurse who inappropriately accessed the records has had their
employment terminated, according to Riverside officials.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
