Kaiser Permanente employee inappropriately accessed EHR — 8,000 patients affected

Kaiser Foundation Health Plan of the Mid-Atlantic States notified 8,556 patients that some of their information was compromised due to an employee inappropriately accessing portions of its electronic health records.

On Sept. 21, Kaiser Permanente learned that one of its employees inappropriately accessed portions of medical records for patients in the Mid-Atlantic region without proper reason, according to Nov. 18 breach notification from Kaiser. 

An investigation into the incident determined that the unauthorized access was outside the scope of the employees "permissible job functions."

Patient information the employee accessed include names, medical record numbers, addresses, email addresses, phone numbers and dates of birth.In some cases, medical information and photos were also viewed.

Kaiser said no Social Security numbers or financial information were involved in the breach, and said it believes that the information has not been used or shared to commit fraud or any other criminal activities.

It has sent out letters to the 8,556 individuals impacted by the breach and has terminated the employee. 

Copyright © 2022 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars