An employee of Chardon, Ohio-based Geauga Medical Center inappropriately accessed the medical records of 677 patients, including their sensitive personal and medical data, between Aug. 15, 2015 and Jan. 3, 2016, according to a statement from University Hospitals of Cleveland, Geauga's parent system.
Geauga Medical Center discovered the breach on Jan. 16, and is unaware of any attempt to misuse the patient information that was accessed. The hospital has also notified law enforcement about the incident, which was caught when an internal review found an unusual pattern of EHR access.
The employee has been terminated, and the medical center has notified any patients who may have been affected, adopted enhanced monitoring policies for EHRs and reeducated staff on HIPAA, according to a statement from University Hospitals.