Va. Health System Discovers Four-Year HIPAA Breach | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Va. Health System Discovers Four-Year HIPAA Breach

January 3, 2014
by Rajiv Leventhal
| Reprints

The five-hospital Riverside Health System in Newport News, Va. has announced it has discovered a security breach involving an employee who had inappropriately accessed 919 medical records spanning September 2009 through October 2013.

The breach was discovered during a random company audit on Nov. 1. After an investigation, Riverside's Compliance Department determined that the employee inappropriately accessed patient information over a four-year span, which included social security numbers, a summary of the patient history, and other information that appears in Riverside's electronic medical record (EMR).

The employee, who according to the Daily Press was a licensed practical nurse with Riverside Medical Group, has since been terminated, Riverside officials said in a statement.

Riverside is contacting the patients affected by this event, all of whom will be offered complementary three-bureau credit monitoring. The company has attempted to send notification letters to all patients and next of kin to those known to be deceased, but has been unable to locate current contact information for all affected patients.

The Health IT Summits gather 250+ healthcare leaders in cities across the U.S. to present important new insights, collaborate on ideas, and to have a little fun - Find a Summit Near You!


See more on