Tuscaloosa, Ala.-based DCH Health System has fired an employee who improperly gained access to its electronic medical records system.
According to a Jan. 19 breach notification from DCH, 2,530 patients have been notified by mail that their medical records may have been viewed by the now-former employee "without a legitimate business need related to the employee's job duties."
The breach was discovered during a routine privacy audit on Dec. 9, according to DCH.
The types of information that may have been viewed due to the improper access include names, addresses, dates of birth, Social Security numbers, dates of encounter, diagnoses, vital signs, medications, test results, and clinical notes.
DCH said it believes the information has not been misused, however it is offering free credit monitoring and identity theft protection services to all affected individuals.