UPMC said it became aware of the breach on Aug. 8. The health system discovered that a former employee had sent a medication administration report to an outside organization without a business need.
UPMC terminated the employee’s access to its information systems and said the individual is no longer affiliated with the health system, according to UPMC’s March 5 statement.
Patient information exposed included names, internal UPMC identification numbers and medication administration data, which may include drug names, dosages and reasons for administration. The health system said no Social Security numbers or medical records were inappropriately accessed or disclosed.
More articles on cybersecurity:
65,000 Humana members’ information exposed in wrongful records access incidents
Email hacking incident exposes patients’ info at 2 Trinity Health hospitals
Hackers demand $1.75M from North Carolina clinic during 6-day ransomware attack
