Ohio Hospital Worker Snooped on 7,300 Patient Records over 12 Years

HIPAA Journal

Steve Alder

A former employee of Aultman Health Foundation accessed 7,300 patient records without authorization for almost 12 years before the HIPAA violation was discovered.

The employee was provided with access to patient records to fulfil duties related to coordinating patient care but was discovered to have accessed patient records when there was no legitimate work reason for doing so. The types of information accessed included patient names, addresses, dates of birth, health insurance information, diagnosis and treatment information, and Social Security numbers.

Aultman said it suspended the employee’s access to patient records as soon as the privacy violation was uncovered, and an investigation was immediately launched to determine the nature and scope of the HIPAA violation. The investigation revealed the employee accessed patient records without authorization from September 14, 2009 until April 26, 2021. The employee was terminated for violating HIPAA and hospital policies.

Aultman has started...

Get the Morning Update

Thanks for subscribing!