Greeneville, S.C.-based Bon Secours St. Francis Health System fired an employee after learning the employee had been inappropriately accessing patient records and allegedly filing claims with other employees' health insurance companies.
In a notice to patients, St. Francis said employees started reporting concerns in late July regarding bills they received for unpaid balances for a prescription cream. An investigation into the concerns discovered a fellow employee had "caused potentially fraudulent charges to be billed to the other employee's insurance plans," according to the health system.
St. Francis then initiated further investigations to assess the employee's access to patient medical records. The investigation found from Jan. 1, 2014 to Aug. 12, 2015, the employee accessed patient medical records "in a manner that was inconsistent with her job functions, hospital procedures and the training that this employee received regarding the appropriate access of patients' medical records," according to the health system.
Compromised information includes patient names, birth dates, driver's license numbers, insurance information, clinical information and potentially Social Security numbers.
A Greenville Online report indicates fewer than 30 employees and nearly 2,000 patients are affected by this data breach.
More articles on data breaches:
Chinese hackers continue to target US companies following cyberpact
Data breach from stolen University of Oklahoma laptop affects 9,000 patients
15 of the biggest data breach settlements and HIPAA fines