The Covenant HealthCare informed to 6000 patients that there information was accessed by one of their employees by illegal means. In November 2016, the breach was found during the review of EMT logs. The review highlighted the irregular access of the data from one employee. For this Covenant HealthCare took immediate actions and conducted a complete review of the employee that what type of data is accessed by the employee and either he has any reason to access those data information or not?
The review highlighted that Covenant HealthCare’s employee started accessing the data improperly on 1st Feb 2016 and this processes continued till 21st Nov 2016. It involved 6,197 people’s information. The affected data contained the information about the names of the patients, the birth dates, the insurance information, addresses, the treatment information, medical records and the licenses numbers of drivers.
Kristen Kroll who is the spokesperson of Covenant HealthCare stated that HIPAA breach investigation process was immediately started and the result of the investigation resulted in the termination of employee. Knoll also stated that they have also informed the breach information to all the related agencies. Now all the affected people has also been notified for the breach using emails. Although the company delayed notification for 2 months as it took 2 months to complete the process of investigation.
The company did not find any information about the misuse of the information. All the affected people who lost their SS number has been informed and offered the free credit monitoring services to minimize the risk in future. Covenant HealthCare has also improved the training of their employees on patient privacy. EPHI logs has been reviewed properly so that the such future spams can be minimized.