UConn Health Center Admits Second Insider Breach This Year

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

The UConn Health Center has announced that it became aware on November 4, 2013 that an employee had inappropriately accessed 164 patients' medical records (h/t HealthITSecurity).

Data accessed by the employee may have included names, addresses, birthdates, Social Security numbers, and diagnosis and treatment information. Still, the center says there's no indication that any of the data has been misused.

The center mailed notification letters to those affected on November 27, 2013, and is offering them two years of credit monitoring and identity protection services from AllClear ID.

"It is important to know that all Health Center employees are required to undergo training about patient privacy upon employment, and education is reinforced with ongoing training," center compliance integrity and privacy officer Iris J. Mauriello wrote in a statement on the center's Web site. "The Health Center continues to investigate this matter and the employee in question has been placed on administrative leave."

In March of 2013, the UConn Health Center announced that a former employee had inappropriately accessed approximately 1,400 patient records, and similarly offered all those affected a two-year subscription to a credit monitoring service.