Breach, Compliance Management, Data Security, Network Security, Privacy

UnityPoint Health-Allen Hospital patient data compromised

UnityPoint Health-Allen Hospital in Waterloo, Iowa, reported that patient information was exposed by a worker over a seven year period.

The hospital is notifying about1,620 patients that their personal information was inappropriately accessed by a now former employee.

The staffer was authorized to access patient information, but in this case she also viewed electronic medical records of patients outside the scope of her job, according to the Waterloo Cedar Falls Courier.

Names, addresses, dates of birth, medical and health insurance account numbers, social security numbers, and information related to treatment were accessed between September 2009 and March 2016, according to the publication.

Hospital staff detected the access to the medical records on March 14, 2016 and has since disabled the employee's account, took disciplinary action, and reported the incident to the U.S. Department of Health and Human Services.

Those affected are being notified and will be offered a year of identity fraud protection.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.