The University of Miami Hospital (UMH) has disclosed that two employees were accessing patients’ personal information inappropriately and may have sold it to a third party. According to officials at the hospital, the two employees, who were terminated immediately upon discovery of their activities, were taking data from “face sheets” used during patient registration.
While the compromised data does not include test results or financial data, the face sheets did contain patients’ names, addresses, dates of birth, insurance policy numbers, and the reason and service area for the visit. The hospital also noted that some insurance carriers still use Social Security numbers as their policy numbers and therefore some patients’ SSNs may have been included in the data. Patients who visited the 1400 N.W. 12th Avenue, Miami facility between October 2010 and July 2012 may be affected, though the hospital has not stated how many patients this could be and has no indication at this time that medical records are at risk.
Data breaches are becoming all too common, and more and more healthcare organizations will be found in violation of HIPAA regulations if better security is not put into place and enforced. Firewalls and server failover solutions are among the IT and managed IT options available from Microwize Technology.