Pittsburgh-based UPMC is notifying 1,300 patients treated at various UPMC locations their records were inappropriately viewed by a UPMC McKeesport employee.
UPMC officials became aware of the breach when another employee reported the violation. The offending employee was terminated, and UPMC has planned additional compliance and privacy training for its employees.
"UPMC is committed to meeting our patients’ privacy expectations. We will continue to make significant investments in employee training and the best available tools for managing the use of our patients' electronic records," said John Houston, vice president of privacy and information security at UPMC, in a news release. "However, there is no fail-safe system, and we ultimately depend on the integrity, vigilance and honesty of all of our employees."
UPMC does not believe the viewed information was stored or used for financial gain, but it is offering a hotline and privacy resources for affected employees.
More Articles on Data Breaches:
Data Breach Confirmed on Vermont HIX Site
Another UCSF Data Breach Affects 8k
Florida Department of Health Notifies 2,200 Patients of Data Breach