Officials at Riverside Health System in Newport News, Va., have discovered an employee had been inappropriately accessing patient records between September 2009 and October 2013.
The breach was discovered Nov. 1 during a random internal audit. Officials believe 919 patient records were viewed during the four-year period. The employee has been terminated, and health system officials are in the process of contacting patients or next-of-kin to notify them of the breach.
"Riverside would like to apologize for this incident," said Riverside spokesperson Peter Glagola in a news release. "We are truly sorry this happened. We have a robust compliance program and ongoing monitoring in place, and that's how we were able to identify this breach. We are looking at ways to improve our monitoring program with more automatic flags to protect our patients."
More Articles on Data Breaches:
Kaiser Permanente Faces Class-Action Suit Over Data Breach
Barry University Informs Patients of Malware-Caused Data Breach
Stolen Laptop Leads to 20-Year FTC Oversight for Accretive Health