Tenn. Healthcare Employee Gives Patients’ PHI to Competing Provider | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Tenn. Healthcare Employee Gives Patients’ PHI to Competing Provider

April 21, 2014
by Rajiv Leventhal
| Reprints

University Urology, P.C. of Knoxville, Tenn. has acknowledged a security breach in which an administrative employee provided patient information to a competing healthcare provider for the purpose of the competitor soliciting patient business.

The information was limited to patient names and addresses of 1,144 patients, and University Urology said in statement posted on its website that the data provided to the competitor did not include any Social Security numbers, financial account information, clinical information or other information that is commonly used for identity theft.

This breach was discovered following an investigation that was initiated after University Urology, P.C. began receiving telephone calls on February 13, 2014, from concerned patients stating that they received solicitation letters from a competing provider.

Following its investigation, University Urology, P.C. responded by interviewing the administrative assistant involved in the breach, terminating any access of the administrative employee to University Urology, P.C. patient protected health information, terminating the administrative assistant, changing network passwords, and securing an agreement with the outside provider not associated with University Urology, P.C. to destroy all names, addresses, and patient information of any kind relating to patients of the organization.

While it appears that the information subject to the breach was to be used for patient solicitation and there is absolutely no indication that the information may be used for purposes of identity theft, patients may choose to monitor their credit card, bank, or other financial statements for signs of fraud and identity theft, according to the organization.

Topics

News

Former Health IT Head in San Diego County Charged with Defrauding Provider out of $800K

The ex-health IT director at North County Health Services, a San Diego County-based healthcare service provider, has been charged with spearheading fraudulent operations that cost the organization $800,000.

Allscripts Touts 1 Billion API Shares in 2017

Officials from Chicago-based health IT vendor Allscripts have attested that the company has reached a new milestone— one billion application programming interface (API) data exchange transactions in 2017.

Dignity Health, CHI Merging to Form New Catholic Health System

Catholic Health Initiatives (CHI), based in Englewood, Colorado, and San Francisco-based Dignity Health officially announced they are merging and have signed a definitive agreement to combine ministries and create a new, nonprofit Catholic health system.

HHS Announces Winning Solutions in Opioid Code-a-Thon

The U.S. Department of Health and Human Services (HHS) hosted this week a first-of-its-kind two-day Code-a-Thon to use data and technology to develop new solutions to address the opioid epidemic.

In GAO Report, More Concern over VA VistA Modernization Project

A recent Government Accountability Office (GAO) report is calling into question the more than $1 billion that has been spent to modernize the Department of Veterans Affairs' (VA) health IT system.

Lawmakers Introduce Legislation Aimed at Improving Medicare ACO Program

U.S. Representatives Peter Welch (D-VT) and Rep. Diane Black (R-TN) have introduced H.R. 4580, the ACO Improvement Act of 2017 that makes changes to the Medicare accountable care organization (ACO) program.