The employee — who was initially placed on administrative leave, but has since been terminated — inappropriately accessed medical records of roughly 600 patients between October 2013 and March 2017. These records may have included addresses, diagnoses, driver’s license numbers and Social Security numbers.
Trios Health confirmed the employee accessed these records outside of their job function. “Based on our investigation thus far, this appears to be an isolated case in which the gathering and use of patient information for purposes of identity theft was not a motivation,” Elizabeth Rice, director of health information management and compliance officer at Trios Health, said in a news release.
Trios Health will offer affected patients the option to enroll in free identity theft protection and credit monitoring services for up to one year. It will also implement standard auditing processes and additional staff privacy training.
A Trios Health spokesperson told Becker’s Hospital Review the system did not have a further statement beyond its news release. Click here to view the full release.
More articles on health IT:
FTC: Cybercriminals find stolen personal data within 9 minutes of hackers posting it
78% of CISOs worry about ability to detect data breaches: 6 survey insights
Arizona health department: 2.5k patients’ PHI lost in mail
