The protected health information of 1,801 patients at Penn State Milton S. Hershey Medical Center may have been compromised after an employee was working with the data on his home computer.
The employee, a clinical laboratory technician, was entering protected health information of patients receiving tests at the hospital's women's health and family practice offices into a test log. While the employee was authorized to access this information, he was using the test log on his personal computer, which is outside the secured Penn State Hershey system, according to a hospital news release. Additionally, he used a personal flash drive to transport the test log home after work and used his personal email account to send the log to two Penn State Hershey physicians, according to the news release.
Potentially affected health information includes patient names, medical record numbers, names of lab tests, visit dates and test results.
The hospital said an internal investigation does not indicate the data was accessed or viewed by any unauthorized person, but they cannot entirely eliminate the possibility" and are "notifying patients out of an abundance of caution," according to the news release.
More Articles on Data Breaches:
Mailing Error Leads to Potential Data Breach for Highmark
When Are Data Breach Victims Successful in Bringing Class-Action Lawsuits?
10 Largest Data Breaches Due to Hacking, IT Incident