DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

IL: Former Lurie Children’s employee wrongfully accessed patient data, hospital says

Posted on December 27, 2019 by Dissent

WLS reports:

Ann & Robert H. Lurie Children’s Hospital of Chicago is notifying some of its patients about a former employee’s access of patients’ medical records.

On Nov. 15, the hospital learned that between Sept. 10, 2018 and Sept. 22, 2019, an employee accessed certain patients’ medical records without a business reason to do so, Lurie Children’s said in a news release Friday.

Read more on ABC.

The following notice appears on the hospital’s website, linked from their homepage:

Notice

Notice to our Patients of Unauthorized Access to Certain Patient Medical Records

Ann & Robert H. Lurie Children’s Hospital of Chicago (“Lurie Children’s”) is committed to providing the highest standard of patient care, as well as protecting the privacy and confidentiality of our patients. Regrettably, this notice concerns an incident involving unauthorized access to certain patient medical records.

On November 15, 2019, we discovered that between September 10, 2018 and September 22, 2019 an employee accessed certain patients’ medical records without a business reason to do so. We immediately terminated the employee’s access to all patient information, and began a thorough investigation. As part of our investigation, we determined that the information viewed included certain patients’ names, addresses, dates of birth and medical information, such as diagnosis, medications, appointments, and procedures.

It is important to note that the employee was not able to see full Social Security numbers, insurance information, or financial account information, and that we have no reason to suspect that there has been any misuse or further release of patient information associated with this incident. We addressed this issue in accordance with its disciplinary policies, and the employee no longer works for the Hospital.

We want our patients to know that we are taking this matter very seriously. We began mailing letters to affected individuals on December 26, 2019, and have established a dedicated call center to answer any questions individuals may have. If you have questions, please call 844.967.1238, available Monday through Friday, 8 a.m. – 5:30 p.m. Central Time. It is always a good idea to review any statements you receive from your healthcare provider. If you see any services not received, please contact the provider immediately.

We deeply regret any inconvenience and concern this incident may cause our patients. To help prevent something like this from happening in the future, we are retraining our staff regarding appropriate access to patient records.

No related posts.

Category: Health DataInsiderU.S.

Post navigation

← TX: San Antonio mental health and substance abuse services provider hit by ransomware attack
Vistaprint Logomaker files viewable due to insecure Amazon s3 bucket →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.