South Bend-based Beacon Health System is notifying about 1,200 patients that a former employee accessed patient records without proper authorization. The health system says it is unaware of any "actual or attempted misuse of patient information," which includes Social Security numbers and possibly financial and health insurance information.
Beacon says the former employee may have had authorization to view patient records in certain circumstances, the employee exceeded the access to which he or she was permitted. The unauthorized access is said to have occurred between March 2014 and March 2017.
Other data included in the patient information accessed by the employee includes first and last name, age, diagnosis, room number, and acuity of illness. Beacon did not state in which medical facility the former employee worked.
"We take patient privacy very seriously," said Mark Warlick, chief information officer of Beacon Health. "We have taken steps to help prevent another incident of this kind from happening by implementing additional protocols, reviewing our policies and procedures, and providing additional training to staff."
Beacon says it is offering complimentary access to identity monitoring and restoration services as well as providing notice of the unauthorized access to the various state Attorneys General and the U.S. Department of Health and Human Services.
The health system has also set up a toll-free hotline for any impacted patients who may have questions. The hotline, open from 9:00 a.m. to 9:00 p.m., is (888) 729-1602.