Saturday, Dec 03, 2016
One of America's Great Newspapers ~ Toledo, Ohio

Medical

Oregon Police, ProMedica Health System officials to discuss results of data breach investigation

Oregon Police and ProMedica Health System officials plan to hold a joint news conference Friday to discuss results of a criminal investigation into a breach of nearly 600 patient records at Bay Park Hospital.

Police Chief Mike Navarre launched the investigation on May 30 after Bay Park officials informed the public that an employee accessed nearly 594 patient records between April 1, 2013, and April 1, 2014, and that the person responsible was not directly treating the patients.

It was later revealed by police and ProMedica officials that the employee was a woman who was employed as respiratory therapist at the hospital. ProMedica officials said the woman gave contradictory accounts as to why she compromised the patients’‍ records, then quit and walked out of a meeting at which hospital officials questioned her about the incident.

“Based on our records, we don’t believe the information accessed by the employee contained any financial information, including Social Security numbers, or that the employee intended to retain any viewed information,” hospital officials said last month.

When Chief Navarre learned about the data breach from news media, he contacted hospital officials and then decided to begin a criminal investigation.

“Based on what I was told today, I think it warrants a criminal investigation that will determine what laws were broken,” he said last month.

The hospital sent letters to individuals whose records were compromised and offered to pay for identity-theft protection services for those affected for up to a year.

In similar cases of hospital-data breaches, people responsible have faced federal criminal prosecution for identity theft and privacy-law violations.

In 2012 an employee who accessed personal patient information at Northwestern Memorial Hospital in Chicago was charged with identity theft. In 2011, a former employee of the University of Pittsburgh Medical Center Shadyside, near Pittsburgh, pleaded guilty to violating the Health Insurance Portability and Accountability Act after stealing patients’‍ personal information.

ProMedica officials said the incident was also reported the U.S.Department of Health and Human Services. A spokesperson for the HHS Department of Civil Rights said the federal investigation into possible violations of the Health Insurance Portability and Accountability Act (HIPAA) could take years to complete.

Contact Marlene Harris-Taylor at: mtaylor@theblade.com or 419-724-6091.
Click to comment

Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem?

Temporibus autem quibusdam et aut officiis debitis aut rerum necessitatibus saepe eveniet.

Copyright © 2015 Toledo Blade

To Top

Fetching stories…