You have permission to edit this article.
Edit
AP

Huntington Hospital – Notice of Unauthorized Access to Personal Information

  • Updated

HUNTINGTON, N.Y.--(BUSINESS WIRE)--Nov 24, 2021--

Huntington Hospital has sent notices to approximately 13,000 patients about an incident involving the unauthorized access of personal information. The hospital learned that a night shift employee improperly accessed electronic medical patient records in violation of its policies. After a thorough investigation, on February 25, 2019, the hospital determined that the employee improperly accessed patient information without role-based authorization between October 2018 and February 2019. The employee was immediately suspended, and he was subsequently terminated. In addition, Huntington Hospital notified law enforcement of the incident. The hospital cooperated with the law enforcement investigation, which included following instructions to delay notifying any patients who were potentially impacted by this incident through November 2021. The law enforcement investigation resulted in the former employee being charged with a criminal HIPAA violation.

There is no evidence that the former employee accessed Social Security numbers, insurance information, credit card numbers or other payment-related information. The patient information accessed by the former employee may have included demographic-type information such as name, date of birth, telephone number, address, internal account number and medical record number; and clinical information such as diagnoses, medications, laboratory results, course of treatment, the names of health care providers, and/or other treatment-related information.

Huntington Hospital has a robust compliance program that includes ongoing training of its employees, implementation of security tools to monitor access to medical record applications, and audits of medical record access. The hospital has taken additional steps to prevent this type of incident from occurring in the future, including bolstering access controls and targeted re-training of staff on the importance of protecting patient confidentiality.

As an added precaution, Huntington Hospital is offering all impacted patients complimentary identity theft protection services through Experian IdentityWorks SM for one (1) year, unless a longer time period was required by applicable state law.

This notice is being provided in accordance with the media notice requirements of the Health Insurance Portability and Accountability Act, as amended by Health Information Technology for Economic and Clinical Health Act. Huntington Hospital has notified impacted patients and will notify relevant regulatory bodies, including the U.S. Department of Health and Human Services.

View source version on businesswire.com:https://www.businesswire.com/news/home/20211124006159/en/

CONTACT: Barbara Osborn

516-321-6702

bosborn@northwell.edu

KEYWORD: UNITED STATES NORTH AMERICA NEW YORK

INDUSTRY KEYWORD: SECURITY HEALTH TECHNOLOGY HOSPITALS PRACTICE MANAGEMENT MANAGED CARE

SOURCE: Huntington Hospital

Copyright Business Wire 2021.

PUB: 11/24/2021 02:00 PM/DISC: 11/24/2021 02:02 PM

http://www.businesswire.com/news/home/20211124006159/en

Copyright Business Wire 2021.

Coronavirus Cases widget

  • Positive Cases Among Kern Residents: 156,517

  • Deaths: 1,781

  • Recovered and Presumed Recovered Residents: 147,668

  • Percentage of all cases that are unvaccinated: 92.72

  • Percentage of all hospitalizations that are unvaccinated: 93.17

Updated: 11/24/2021. Source: Kern County Public Health Services Department

More Coronavirus coverage