On September 3, 2024, Kaiser Permanente discovered that an unauthorized party gained access to the Kaiser Permanente email accounts of two members of their workforce. Upon learning of the incident, they terminated the unauthorized access and immediately began an investigation to determine the scope of the access. After validating the email contents, they determined that some patients’ protected health information was involved.
The protected health information potentially accessed and/or viewed included first and last names, dates of birth, medical record numbers, and medical information. Sensitive information such as Social Security numbers and financial information were not involved.
After discovering the event, Kaiser Permanente quickly took steps to terminate the unauthorized party’s access to the workforce members’ emails. This included resetting the workforce members’ email account password. Kaiser Permanente is taking appropriate steps to prevent this type of incident from recurring including, but not limited to, strengthening internal practices and controls.
What 'Light' Daily Cleaning of Patient Rooms Misses
Sprinkler Compliance: Navigating Code Mandates, Renovation Triggers and Patient Safety
MUSC Board of Trustees Approves $1.1B South Carolina Cancer Hospital
Study Outlines Hand Hygiene Guidelines for EVS Staff
McCarthy Completes $65M Sharp Rees-Stealy Kearny Mesa MOB Modernization