DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Asante Notifies More than 8,800 Patients Whose Records Appeared to Be Inappropriately Accessed by a Physician

Posted on March 9, 2023March 9, 2023 by Dissent

Asante provides healthcare services in southern Oregon and northern California.

On February 28, it issued a notice about an insider-wrongdoing incident. As they describe it on their site, they became aware of a concern that a doctor with admitting privileges, Dr. Paul Hoffman, may have accessed a number of patients’ records without a valid clinical need.

“Dr. Hoffman is not an employee of Asante but had access to Asante’s electronic health record system in order to treat his patients when they are seen at Asante facilities,” their notice explains.

Asante’s investigation, which took place between December 20, 2022 and February 14, 2023,  found a number of his accesses between June 12, 2014 and January 3, 2023 did not appear to have a valid reason.

The patient information accessed included patients’ names, as well as demographic,  diagnostic, and treatment information. Dr. Hoffman reportedly did not have access to patients’ full social security numbers, driver’s license numbers, or payment card or bank account information.

Asante immediately terminated Dr. Hoffman’s access to its EHR system and indicated that they were referring his conduct to the Oregon Medical Board.

Perhaps anticipating some questions about why this wasn’t detected earlier, Asante’s notice includes a statement that they utilize electronic auditing systems that review every user’s access to its electronic health record system and attempts to identify cases of inappropriate access.

“In light of this incident, Asante is evaluating whether additional measures can be put in place to more quickly detect potentially inappropriate access to medical information by authorized users.”

While Asante believes that Dr. Hoffman accessed records out of curiosity rather than for fraudulent purposes, the incident is concerning as a violation of privacy. Asante has established a dedicated, toll-free call center is available for individuals to call with questions or concerns:
(866) 674-4359 Monday through Friday, 6 a.m. to 3:30 p.m. Pacific Standard Time.

This incident was reported to HHS as impacting 8,834 patients.

A search of the Oregon Medical Board license verification site conducted today does not yet indicate any pending investigation or new charges against Dr. Hoffman. Dr. Hoffman is listed as a General Surgery Specialist in Ashland, Oregon.  The Oregon board records reveals that in response to disciplinary action, Dr. Hoffman voluntarily agreed to stop performing colonoscopies in Oregon in 2009; a voluntary revocation that continues to this day.

Dr. Hoffman’s license to practice medicine in California was revoked by that state in 2011 for failure to respond to accusations stemming from the Oregon case.

Related Posts:

  • OR: Asante Notifies Patients of Inappropriate File…
  • Radiology practice suffers ‘significant’ cyberattack
  • North Shore University Hospital notifies 7,614…
  • SSM Health notifying 29,000 patients of…
  • DCH Health System notifies 2,530 patients whose…

Post navigation

← AT&T Notifying some wireless customers of vendor incident
Boonton Police Captain Allegedly Steals Computer Towers, Internal Affairs Records →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Founder and Majority Owner of Cryptocurrency Exchange Pleads Guilty to Unlicensed Money Transmitting
  • Hackers hit Erris water in stance over Israel
  • Update: Cardiovascular Consultants Ltd. ransomware attack reportedly affected 500,000 patients, guarantors, and staff
  • Data breach by Addenbrooke’s Hospital reveals patient information
  • Millions of patient scans and health records spilling online thanks to decades-old protocol bug
  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)
  • Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
  • CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net