Security of patient records breached across the country

Security breaches of patient records have been popping up in the news recently, with some breaches affecting hundreds.

A federal grand jury on Thursday indicted a former employee of University of Maryland Medical Center, with three others accused, of stealing patient identities to open credit accounts, according to a WBAL TV report.

The Medical Center said, "Protecting our patients' personal information is a top priority. We have policies and procedures in place to ensure that patient information remains strictly confidential. This breach was a result of a crime, and not a lapse of hospital procedures."

If convicted, each of the accused faces up to 30 years in prison.

In related news, Wake Forest Baptist in North Carolina notified 357 people (including employees and patients) that former employee Linda Turner was hoarding their medical records at home, according to WFMY News.

In Colorado Springs, police are investigating whether a former occupational health nurse, Lori Niell, of Memorial Hospital accessed 2,500 patient records without cause, according to the Colorado Springs Gazette

Troy Regional Medical Center in Alabama notified 880 patients about a data breach of personal information, including birthdays and social security numbers. The hospital will provide affected patients with protection resources at no expense for one year, according to a Troy Regional announcement. 

And perhaps more notoriously, the University of California at Los Angeles Health System (UCLAHS) this month paid a fine of $865,500 for HIPAA violations including breaches of secure medical reports of celebrities, reports FierceHealthIT.  

The HITECH Act requires that security breaches affecting 500 or more individuals must be publicly reported on the Health & Human Services website, otherwise known as the "wall of shame."

To learn more:
- watch the WBAL TV report
- read the WFMY News article
- read the Colorado Springs Gazette article
- read the Troy Regional statement
- read the FierceHealthIT article
- check out the HHS data breach website