Over 2300 Total Lots Up For Auction at Five Locations - FL 09/28, OK 09/29, NJ Cleansweep 09/30, CA 10/01, NJ 10/05

Ohio healthcare worker spent 11+ years prying on data from over 7,000 patients

por John R. Fischer, Senior Reporter | July 01, 2021
Cyber Security Health IT
A former employee of the Aultman Health Foundation accessed data of more than 7,000 patients for over 11 years without authorization
An employee of the Aultman Health Foundation in Ohio was fired after they were found to have spent over 11 years accessing data for more than 7,000 patients without permission.

The organization announced the privacy breach Friday, with information possibly accessed including patient names, addresses, birthdays, social security numbers, insurance information, and diagnosis and treatment information, reports The Daily Record.

"Upon discovering this, the employee’s access to Aultman’s electronic health record system was suspended, and an investigation was conducted to determine the nature and scope of the incident," said Aultman.

Servicing GE, Philips and Siemens CT equipment with OEM trained engineers

Numed, a well established company in business since 1975 provides a wide range of service options including time & material service, PM only contracts, full service contracts, labor only contracts & system relocation. Call 800 96 Numed for more info.

The culprit’s job involved coordinating patient care, which gave them access to patient data. They are said to have accessed information outside the scope of their job duties between September 2009 and April 2021. The former employee, who has not been identified, no longer has access to patient data and will not face criminal charges.

While there is no indication of data misuse, disclosure, or signs that it will be compromised, about 7,300 patients across the Aultman service area were involved in the breach. Aultman began mailing those whose information may have been accessed this week and is recommending that they review statements from healthcare providers and insurance plans to ensure only services received are listed. Those that find something wrong are encouraged to contact their provider or insurance company immediately.

It also has set up a dedicated toll-free call center to answer questions about the incident at 855-731-3203.

"To help prevent something like this from happening again, Aultman has provided additional training to its system users and is implementing additional measures to protect the information of its patients," said the organization.

The incident is a reminder that not all data privacy breaches are committed at the hands of remote hackers. A similar event took place in 2018 in which a former chief operations officer for a cybersecurity company launched a cyberattack on Gwinnett Medical Center (GMC), which had hired his company to provide cybersecurity protection. The man, Vikas Singla, was arraigned earlier this month on charges related to the attack.

The Aultman Health Foundation consists of Aultman Hospital, Aultman Orrville Hospital, Aultman Alliance Community Hospital, health insurance provider AultCare, the Aultman Foundation and Aultman College.

The Aultman Health Foundation did not respond to HCB News for comment.

You Must Be Logged In To Post A Comment