Central Health Employee Accessed Patient Data
|Central Health Employee Accessed Patient Data|
|Short Title||Employee of Central Health Found Snooping on Private Medical Records of Patients|
|Information||Medical and Health, Demographic, Identifying|
|Threat Actors||Central Health, Central Health employee|
|Affected||Patients of Central Health|
|High Risk Groups||Medical Patient|
An employee of Central Health got caught snooping on patients information, such as their diagnosis, age, doctor's information and more.
A former employee of Central Health got caught involved in a series of privacy breaches, spanning two years and 240 patients. They had access to the Meditech system containing files with people's medical information and was found snooping on the patient’s personal information. Insecurity
They had access to two types of files, which contained summary information of a patient in hospital, including their diagnosis, their attending physician, age, sex and even what room in the hospital they were in.
This employee no longer works with Central Health.
Generally every Central Health employee has to go through privacy training upon hiring. Central Health performs privacy audits weekly, designed to catch breaches, picking employees at random and checking their access as well as doing more targeted audits. But this breach fell through the cracks, prompting questions as to why.
Central Health publicly apologized to the 240 patients after the employee accessed their private records.