Oregon police Chief Mike Navarre today said his office will conduct a criminal investigation into a security breach at ProMedica Bay Park Hospital that may have compromised the personal information of nearly 600 patients.
The chief, who said his office was not made aware of the incident by the hospital system, said he decided to pursue the investigation after calling about the incident and having a discussion with a ProMedica official about it.
ProMedica officials are not disclosing the motive behind the security breach. The hospital system said it discovered last month that an employee had accessed 594 patient records between April 1, 2013, and April 1, 2014, but officials refused to disclose why the employee violated the privacy of patients by looking at their personal information. They said the person responsible was not directly treating the patients.
“ProMedica Bay Park Hospital deeply regrets this incident and is fully cooperating with federal and legal authorities,” a hospital spokesman said in a statement. “There is no evidence that any financial information, including Social Security numbers, was accessed.
”As legally required, ProMedica Bay Park Hospital reported the event to the Department of Health and Human Services. ProMedica Bay Park Hospital intends to be transparent about the event as it has been thus far.“
Hospital officials also refused to disclose any information about the person involved in the incident, citing employee confidentiality concerns. When asked if this employee had committed a criminal offense, ProMedica officials said the incident was reported to the U.S. Department of Health and Human Services, but that no law enforcement agencies were contacted.
The hospital completed its investigation of the incident and discovered the security breach on April 2 but did not notify the public until Wednesday, nearly two months later.