DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Santa Barbara Public Health Notifying Patients After Employee Accessed Records Without Authorization

Posted on December 3, 2015 by Dissent

Gina Pothoff reports:

Some 260 patients with records in the Santa Barbara County Public Health Department will receive notification letters explaining that a Health Care Center employee illegally accessed their personal health information.

The department announced the unauthorized data breach Wednesday, saying a staff member accessed electronic information for an unapproved academic research project.

Read more on NoozHawk.

The health department issued the following press release yesterday:

The Santa Barbara County Public Health Department has experienced unauthorized access to 260 patient records by a Health Care Center staff member. “The Public Health Department deeply regrets this incident,” said Dr. Takashi Wada, Director of the Department.

Immediately upon learning about the unauthorized access, the Public Health Department initiated an investigation. The investigation revealed that a Health Care Center staff member accessed electronic information for an unapproved academic data research project. “At this point in the investigation, we have no reason to believe any identifying information has been shared outside of our department,” Dr. Wada added. The staff member in this incident has been denied access to any additional patient information.

The Public Health Department is cooperating with the State Department of Health Care Services. Notification letters have been sent to those whose information was inappropriately accessed. Depending upon the nature of each case, credit monitoring has been offered to patients in accordance with the regulations. Unless further information becomes available, no further action by the Public Health Department or the State is anticipated.

“Privacy and security are a priority at the Public Health Department,” noted Dr. Wada. Training has been provided to all staff, high standards are modeled with regard to the confidentiality of personal information and action is taken immediately upon learning of such incidents. As a result of this incident, all Health Care Center staff are being re-trained.

Category: Health DataInsiderU.S.

Post navigation

← Cottage Health Notifying 11,000 Patients Whose Records Were Exposed
After asking bank for $3 million ransom, hacker dumps massive customer financial database →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Ireland’s Data Protection Commission publishes 2024 Annual Report
  • The headlines suggested Freedman Healthcare suffered a ransomware attack that affected patient data. The reality was quite different.
  • Runsafe report: Medical device cyberattacks threaten patient care, strain budgets, top concern for healthcare sector
  • Ryuk ransomware’s initial access expert extradited to the U.S. from Ukraine
  • Alleged Geisinger hacker will defend himself pro se.
  • Tallahassee Memorial Healthcare reveals it was also impacted by Cerner/Legacy Oracle cyberattack
  • Hospital cyberattack investigation complete, no formal review needed (1)
  • Largest Ever Seizure of Funds Related to Crypto Confidence Scams
  • IMPACT: 170 patients harmed as a result of Qilin’s ransomware attack on NHS vendor Synnovis
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data
  • DOJ Seeks More Time on Tower Dumps
  • Your household smart products must respect your privacy – including your air fryer
  • Vermont signs Kids Code into law, faces legal challenges
  • Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.