Insider Breach Spanned 2 YearsHospital Business Associate Worker Improperly Accessed Info
An employee at a business associate serving Aventura (Fla.) Hospital and Medical Center inappropriately accessed information on thousands of patients over a two-year period.
See Also: LIVE Webinar | Stop, Drop (a Table) & Roll: An SQL Highlight Discussion
Valesco Ventures, which provides hospital physician staffing and related services, says in a notice published in local media outlets earlier this month that an employee inappropriately accessed the patient information from Sept. 13, 2012 , through June 9, 2014.
Nearly 83,000 patients were impacted by the incident, according to the U.S. Department of Human Services' Office for Civil Rights "wall of shame" list of breaches affecting 500 or more individuals.
Information the employee accessed includes patient names, dates of birth and Social Security numbers, according to the published notice. Valesco Ventures and Aventura Hospital are assisting law enforcement in the investigation, the notice says.
"Valesco Ventures and Aventura Hospital and Medical Center are committed to the proper handling and protection of patient information, and have been working to review our processes and systems to further ensure that personal information is protected in a secure manner," the statement says.
Valesco Ventures is a joint venture between EmCare and Aventura's parent company, Hospitals Corporation of America, according to PHIPrivacy.net. Aventura, EmCare and HCA did respond to a request for additional information.
The OCR's list of major breaches includes two other incidents involving Aventura Hospital and Medical Center that both occurred in 2012, which, combined, impacted a total of 3,500 individuals.