Henry Mayo Newhall Hospital in Valencia, CA, has discovered an employee has accessed the protected health information of certain patients without a valid business reason for doing so. The privacy breach was detected on May 8, 2023, and notification letters were sent to affected individuals on May 26, 2023.
The investigation confirmed that the employee was able to view patient information such as names, birth dates, medical record numbers, visit numbers, and clinical data such as diagnoses, vital signs and narrative clinical notes. The employee was interviewed about the unauthorized access and Henry Mayo believes the records were accessed out of curiosity and that no patient information has been further disclosed or misused. The hospital has acted per its sanctions policy and has taken steps to prevent further privacy breaches in the future, including continuing to counsel and educate staff members.
It is currently unclear how many patients have been affected.
Must Know Recalls of 2025
Sustainability as a Baseline in Healthcare Facilities
Comanche County Memorial Hospital and Southwestern Medical Center Join to Form Partnership
Choosing a Disinfectant That Kills Biofilm
Third-Party Data Breach Case Underscores Need for Cyber Risk Management