Beacon Health notifies 1.2k patients after former employee views records without authorization

Jessica Kim Cohen -

South Bend, Ind.-based Beacon Health System notified roughly 1,200 patients about a privacy breach after discovering a former employee accessed medical records without proper authorization.

Here are four things to know.

1. During an audit of employee access to medical records, Beacon determined an employee viewed patient records without authorization between March 2014 and March 2017. Beacon immediately launched an investigation with the assistance of a third-party forensic investigation firm.

"After an anomaly outside of Beacon's routine monitoring was detected, upon further review, there was evidence that records other than those that were needed to complete this individual's job duties were viewed," a Beacon spokesperson told Becker's Hospital Review via email.

2. There was indication of access to 1,239 records, according to the Beacon spokesperson. These records may have included patient names, Social Security numbers, diagnoses and health insurance coverage, among other information. The employee denied downloading or misusing any information.

3. The employee told Beacon they accessed records out of curiosity after patient emergency room visits. The investigation is ongoing, however, Beacon has not found evidence of information misuse.

"A third party forensic review validated that no information was electronically downloaded or transferred," Beacon wrote. "Out of an abundance of caution, Beacon took the most conservative route to report the incident and notify those involved."

4. Beacon will review employee training curriculum and implement new privacy procedures. The health system offered affected patients access to one year of free identity monitoring and identity restoration services through Experian.

Click here to view the full notification.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.