From NBC:
The University of Connecticut Health Center is notifying patients about a privacy breach that could affect around 1,400 patient records.
UConn Health Center issued a news release on Friday morning saying that a former employee, while employed for the center, inappropriately accessed approximately 1,400 patient records that were beyond the scope of the employee’s responsibilities.
The health center became aware of the breach on January 7 and said the records included names, addresses, birthdates and, in some cases, Social Security numbers, and other health information.
Read more on NBC.
The following is UCHC’s press release:
Patients Notified of Privacy Breach
Free Credit Monitoring Offered; Toll Free Hotline Established, 1-877-313-1398
While employed at the University of Connecticut Health Center, a former employee inappropriately accessed approximately 1,400 patient records that were beyond the scope of the employee’s responsibilities. The records included names, addresses, dates of birth and in some cases, Social Security numbers and other health information. On January 7, 2013, the Health Center became aware of the privacy breach.
At this time, there is no evidence to suggest that as a result of the improper access that any patient’s personal information was retained or used for any purpose.
All Health Center employees are required to undergo training about patient privacy upon employment, and education is reinforced with ongoing training. The Health Center is currently evaluating all education and monitoring efforts to ensure ongoing compliance.
“We sincerely regret the inconvenience and concern this may cause our patients,” said the Health Center’s Privacy Officer, Iris Mauriello. “The actions of one person do not define the integrity of our entire workforce and all of our collective efforts to ensure the privacy of health records. Our patients rely on each of us to ensure safe and responsible use of the information with which we have been entrusted. We take that very seriously,” she added.
Starting on March 8, 2013, all patients who were the subjects of the privacy breach will receive instructions on protecting themselves against potential identity theft. The Health Center is also offering the patients, a free, two-year subscription to a credit monitoring service along with insurance coverage to assist with any possible identity theft related to the breach.
Patients are instructed to call 1-877-313-1398, Monday through Saturday, from 9 a.m. to 9 p.m., EST.
Patients can be assured that the Health Center is committed to protecting the privacy of all of its patients and has established protocols to safeguard that information.
Note that they do not explain why there was a two-month gap between discovery and notification of patients.