Allina Health Notifies 3,000 Patients of Security Breach
Minneapolis-based Allina Health has notified patients whose personal health information was unnecessarily viewed by a certified medical assistant at one of the system’s clinics.
The data breach has affected more than 3,000 patients, according to a report from KARE.
According to Allina Health, the first unauthorized access was confirmed on September 18, 2013. In the course of the investigation, the health system determined that the individual accessed some patients’ electronic medical record (EMR) outside of her normal job duties between February, 2010 and September, 2013. This employee had access to demographic information (name, address, telephone number, date of birth), clinical information, health insurance information, and the last four digits of these patients’ social security number, Allina Health officials said.
The health system began sending letters to affected patients on October 25, and has established a call center to answer any questions they may have.
About the Author
Rajiv Leventhal
Managing Editor
Rajiv Leventhal is Managing Editor of Healthcare Innovation, covering healthcare IT leadership and strategy. Since 2012, he has been covering health IT developments for the publication's CIO and CMIO-based audience, and has taken keen interest in areas such as policy and payment, patient engagement, health information exchange, mobile health, healthcare data security, and telemedicine.
He can be followed on Twitter @RajivLeventhal