Lowell General Hospital notifies 769 patients of data exposure resulting from employee wrongdoing

Lowell (Mass.) General Hospital notified 769 patients after it learned an employee may have inappropriately accessed their medical records, according to HHS' Office for Civil Rights breach portal.

The hospital launched an investigation into the incident and believes a single employee accessed its EHR without a medical reason to do so, directly violating hospital policy and trainings. The employee has been terminated.

The information that was inappropriately accessed may have included names, dates of birth, diagnoses and other information about patients' medical treatment. The individual did not have access to Social Security numbers, insurance policy numbers or any financial information. The hospital does not have evidence any of the information has been misused.

Lowell is reviewing the privacy and security of its EHR and is improving its monitoring of employee activities.

Becker's Hospital Review has reached out to Lowell General Hospital for comment. This story will be updated as more information becomes available.

More articles on cybersecurity:

GE to cut 4.5k jobs in Europe

Atlanta tech companies worried tax bill implicates research

4 tips for using EHR data in public health

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers