The University of Miami Hospital recently announced that two former employees had inappropriately accessed patient information, including patient names, addresses, dates of birth, insurance policy numbers, and reasons for hospital visits.
While Social Security numbers were not included in the stolen data, the hospital notes that some health insurance plans continue to use Social Security numbers as insurance policy numbers — and those numbers were included in the breach.
“UM spokesperson Lisa Worley said the two employees, who have not been identified, were immediately terminated after an investigation by Miami-Dade Police into the security breach,” CBS Miami reports. “It is [not] clear if the two face criminal charges.”
“The statement said records containing other financial or medical information were not affected,” writes Modern Healthcare’s Joe Carlson. “Patients who were treated between October 2010 and July 2012 at the hospital were potentially affected. Although the hospital learned of the breaches in July, it said it waited to announce the situation until this month at the request of investigators.”
“State records indicate that the UM hospital admits about 19,000 patients a year,” writes The Miami Herald’s John Dorschner.
“This is not the University of Miami Hospital’s first patient data breach,” notes Healthcare IT News’ Erin McCann. “On Nov. 2011, a flash drive containing the demographic and clinical data of an estimated 1,219 patients was stolen from a physician’s car.”