The California Department of State Hospitals announced March 18 that one of its employees improperly accessed the private health information of about 1,415 patients and 617 employees.
The DSH employee had access to Atascadero (Calif.) State Hospital data servers as part of their IT job responsibilities, the department said in a news release.
DSH discovered the breach Feb. 25 as part of its annual review of employees' data access rights. Patient and employee information exposed in the breach included names, COVID-19 test results and data needed for COVID-19 tracking.
The department is investigating the breach and said it has placed the employee on administrative leave until it is finished.