PA: Patient information breach confirmed
Dan Kelly and Ron Devlin report:
Reading Hospital’s medical records system was breached recently by an employee who copied sensitive patient information and used it for training purposes, hospital officials confirmed Thursday.
Medical test results, diagnoses, prescribed medications and other data legally classified as Protected Health Information on 12 patients was made public without the hospital’s knowledge or the patients’ consent.
Susan Heffner, privacy officer for the hospital, said it was the hospital’s first breach of patient health information.
Read more on the Reading Eagle.
The hospital does not indicate how it became aware of the breach. I wonder if someone in the billing and coding class where the info was used reported it. I would hope so.
This is the second recent news report on a breach where the motivation was training purposes. In another breach, a radiology technician accessed patient records and projected them on a screen in a course he was teaching. It’s not clear what happened to that employee although he was not immediately fired. Reading Hospital, on the other hand, did fire the employee involved in their breach.