David Breen reports:
Florida Hospital has admitted — in a newspaper advertisement — that its employees improperly accessed patient information at emergency departments in three Central Florida counties during a 20-month period ending in August.
Law enforcement has been contacted and investigators are reviewing what happened in what was described as an ‘inappropriate access” of personal information.
The employees, who have been fired, accessed information including patients’ names, date of birth, Social Security numbers, and insurance information, according to the ad. The breaches occurred at emergency departments in Orange, Osceola and Seminole counties, the ad says. Not all patients who went to emergency rooms during that time had their records breached.
The unobtrusive quarter-page ad, which is headlined simply “Public Notice” and does not bear the Florida Hospital logo, says the breaches occurred between Jan. 1, 2010, and Aug. 15, 2011. It appears on Page A11 of today’s Sentinel.
Read more on Orlando Sentinel.
Florida Hospital’s web site has a notice dated September 29 linked from its home page that says, in part:
We are notifying you regarding your Emergency Department visit to Florida Hospital between the dates of January 1, 2010 and August 15, 2011. On August 15, 2011, we learned that an employee accessed portions of your medical record which included your name, date of birth, social security number and insurance information. Based on the information we have to date, it appears the employee may have been looking to identify motor vehicle accident victims, although we cannot be certain. A portion of this access was outside the scope of the employee’s job duties.
Upon learning of the incident, Florida Hospital investigated the actions taken by the employee. As a result of our findings, the employee was terminated, and Florida Hospital notified law enforcement for further investigation review of this incident.
While Florida Hospital has no evidence that your information has been misused, we are taking key steps to help guard against the damage identity theft can cause and have heightened security measures to protect our patients and Florida Hospital from future incidents. We are very sorry for the inconvenience this incident may cause you.
Update: See a subsequent blog entry for an update on this case.