Terminated Employee Breached at Least 600 Patient Records
An employee at Trios Health in Washington was terminated after the organization discovered they had inappropriately accessed at least 600 patients’ medical records inappropriately between October 2013 and March 2017. The breach was discovered during a planned review by the team of Trios’s new director of Health Information Management and compliance officer Elizabeth Rice. The employee has since been terminated.
“This significant issue came to light as part of a thorough and systematic examination that is still underway,” said Rice in a statement. “We took immediate action to investigate it, notify the appropriate parties, and begin putting additional protections in place to prevent it from happening again.”
Affected patients have been notified. It is possible that information including protected health information such as diagnoses and demographic information such as addresses, driver’s license numbers, and Social Security Numbers was accessed during these breaches, according to KEPRtv.com.
This incident serves as a reminder to healthcare providers that security and compliance takes place on multiple fronts. According to Health Data Management, “The incident is the latest in a spate of breaches at healthcare organizations of protected health information roused by insiders; it is the fifth such incident that Health Data Management tracked in May.”
Following the initial investigation, Trios Health has implemented new restrictions in its electronic health record for staff within the terminated employee’s department.
Sarah Sheber is assistant editor/web editor at Journal of AHIMA.