The employee inappropriately viewed patient records between January 2020 and February 2021, violating Montefiore’s code of conduct, the health system said in a news release.
Montefiore discovered the improper access via its FairWarning software, which monitors improper access to electronic patient records, according to the news release. After discovering the situation, Montefiore suspended the employee and disabled their EHR access. The hospital has since fired the employee and referred the case to law enforcement, according to the news release.
The health system terminated another employee earlier this year for EHR snooping and notified patients Jan. 29. Montefiore confirmed to Becker‘s April 14 that the latest data breach is a separate incident from the January report and was a different employee involved.
Patient information involved in the latest breach included first and last names, medical record numbers, addresses, emails, and the last four digits of Social Security numbers.
More articles on cybersecurity:
8 hospitals hiring CISOs
Major DC health plan hacked, affecting 200,000: 7 details
Adventist Health fined $40K over medical records storage unit exposure
