Establishing Digital Trust: Don't Sacrifice Security for Convenience
The University of Connecticut Health Center has acknowledged that a former employee inappropriately accessed approximately 1,400 patients records, which included patient names, addresses, birthdates, and in some cases, Social Security numbers. The Health Center became aware of the breach on January 7, 2013.
"UConn spokesman Chris DeFrancesco said there's nothing to suggest that any of the information was downloaded, printed or copied or used by the employee," writes The Hartford Courant's William Weir. "He said the employee, a woman who worked at the center for 11 years, resigned in December after an internal investigation. The investigation, started in October, found that the privacy breaches dated back to June 2010."
"We sincerely regret the inconvenience and concern this may cause our patients," UConn Health Center Privacy Officer Iris Mauriello said in a statement. "The actions of one person do not define the integrity of our entire workforce and all of our collective efforts to ensure the privacy of health records. Our patients rely on each of us to ensure safe and responsible use of the information with which we have been entrusted. We take that very seriously."
All patients who were affected by the breach will be provided with a two-year subscription to a credit monitoring service. Patients with questions should call (877) 313-1398.
"Note that they do not explain why there was a two-month gap between discovery and notification of patients," PHIprivacy.net reports.