The personal information of University of Miami Hospital patients has been jeopardized after two former employees inappropriately accessed registration "face sheets" that contained names, addresses, dates of birth, insurance policy numbers and reasons for the visit, but no financial data or test results, the Miami Herald reported.
The face sheets displayed only the last four digits of patients' Social Security numbers. However, some patients' Social Security numbers used as insurance policy numbers may be at risk, the hospital said Friday in a statement.
The hospital learned of a patient data breach in July but said it waited until this month to announce the situation, per the request of law enforcement officials. However, once discovered, the hospital fired the two employees.
The hospital has begun notifying affected patients of the breach, which include those who visited University of Miami Hospital between October 2010 and July 2012. The hospital also is offering free credit-monitoring services to the affected patients.
It is unknown how many patient records were compromised in the incident, but according to California data, the hospital admits roughly 19,000 patients each year, the Herald noted.
As the investigation continues, the hospital said it is reviewing policies to make sure a data breach doesn't happen again.