Henry Mayo Newhall Hospital in Valencia, CA, has discovered an employee has accessed the protected health information of certain patients without a valid business reason for doing so. The privacy breach was detected on May 8, 2023, and notification letters were sent to affected individuals on May 26, 2023.
The investigation confirmed that the employee was able to view patient information such as names, birth dates, medical record numbers, visit numbers, and clinical data such as diagnoses, vital signs and narrative clinical notes. The employee was interviewed about the unauthorized access and Henry Mayo believes the records were accessed out of curiosity and that no patient information has been further disclosed or misused. The hospital has acted per its sanctions policy and has taken steps to prevent further privacy breaches in the future, including continuing to counsel and educate staff members.
It is currently unclear how many patients have been affected.
How Architects Shape the Future of Healthcare Facilities
UNC Health, Duke Health Form Partnership for Stand-alone Children's Hospital
Sarasota Memorial Hospital Plans to Build New Facility in North Port
CMMS, Data and the Path to Compliance
Healthcare is a Major Ransomware Target