Des Moines, Iowa-based UnityPoint Health has announced a data breach affecting up to 1,800 patients.
During an Aug. 8 routine check of UnityPoint's electronic medical record system , an unusual access pattern was detected, causing UnityPoint to launch an investigation into the matter, according to a hospital statement. It was recently discovered that an employee of a third-party vendor had gained unauthorized access to patient data stored in the EMR system.
UnityPoint believes the third-party employee was using the login credentials of an authorized EMR user employed by UnityPoint. A forced password reset stopped the unauthorized access, and a police investigation is ongoing.
"UnityPoint Health takes the security of our patients' information very seriously and deeply regrets that this incident occurred," said hospital officials in the statement. "We are providing additional education for authorized users of the EMR system on our strict policies regarding safeguarding their EMR password and against sharing passwords with others."
More Articles on Data Breaches:
St. Mary's Janesville Hospital Informs Patients of Possible Data Breach
Santa Clara Valley Health & Hospital System Informs Patients of Data Breach
Holy Cross Hospital Informs Patients of Possible Data Breach