An employee from MUSC Health Lancaster (S.C.) Medical Center inappropriately accessed electronic health records of about 1,800 patients between Oct. 6, 2022, and April 11, 2023.
Upon learning of the incident, MUSC suspended the employee and launched an investigation into the incident, which determined that the individual had viewed names, addresses, phone numbers, email addresses, dates of birth, medical record numbers, dates of service and primary care physician's name of 1,420 patients.
For 385 of the records, the health system said the employee may have viewed names, addresses, phone numbers, email addresses, dates of birth, medical record numbers, dates of service, primary care physician's name, and information regarding care received at the health system.
MUSC said no financial information or Social Security numbers were viewed during the incident, and said it does not believe the employee copied, used or disclosed any of the information from the EHRs, according to a breach notification from the health system.
The health system is offering free credit monitoring for all affected individuals.