Omaha-based Nebraska Medical Center, part of Nebraska Medicine, submitted a data breach to HHS on May 5.
The hospital reported unauthorized access to its EHR that affected 1,311 individuals. The hospital took steps to notify all affected patients after the issue was discovered and the individual who accessed the patient records without authorization is no longer employed at the hospital. The individual did not access financial information, driver’s license numbers or Social Security numbers, according to a statement from Nebraska Medicine.
In December, Nebraska Medicine notified patients of a separate security incident where an employee improperly viewed medical records between July 11, 2018, and Oct. 1, 2019. The health system terminated that employee for mishandling patient records. HHS reported 1,149 records were affected in this incident.
After the breach was discovered, the health system said it would regularly audit its EHR system to prevent future breaches and re-train staff on appropriate patient information access.
More articles on cybersecurity:
Saint Francis Healthcare Partners email hack affects 38,529 patients
Ransomware attackers hit 2 providers, post patient information and photos online: 5 details
BJC HealthCare reports employee email breach exposes PHI for 19 facilities: 5 details