Trios Health has terminated an employee after finding out they accessed multiple patient records without permission.
So far, an internal investigation shows electronic health records of about 600 patients have been accessed by that employee. This took place between October 2013 and March of this year. Elizabeth Rice, the director of Health Information Management, says each time this violated the Health Insurance Portability and Accountability Act, known as “HIPAA”.
In a news release Trios Health says this former employee could be fined per violation. They are working with the State Attorney General and Office of Civil Rights, which is the agency within the U.S. Department of Health that enforces privacy and security rules.
“Patients whose medical records were accessed without authorization are being notified by mail during the week of May 29, and will have the option to enroll in free identity theft protection and credit monitoring services for one year at Trios Health’s expense,” according to the release.
Right now, officials believe this is an isolated case and do not believe it has to do with identity theft.