Honolulu-based Hawaii Pacific Health has fired an employee after discovering the employee had inappropriately accessed patient medical records.
The employee worked at Straub Medical Center. The health system found that the employee had wrongfully accessed patient records between November 2014 and January 2020. According to HHS’ Office for Civil Rights data breach portal, 3,772 patients may have been affected.
Hawaii Pacific Health does not believe the former employee was accessing the information for the purpose of identity theft. Rather, they believe the employee was acting out of curiosity. Nonetheless, Hawaii Pacific Health is offering the affected patients one year of free credit monitoring and identity restoration services.
Patient data that may have been exposed included names, addresses, phone numbers, email addresses, dates of birth, religion, race/ethnicity, Social Security numbers, medical record numbers, primary care providers, dates of services, appointment notes, hospital account numbers, department names, provider names, account numbers and health plan names.
Since the incident, Hawaii Pacific Health has reviewed its internal procedures and staff training. The health system is also looking to invest in different technologies.