Breaches at Ashley County Medical Center and San Antonio Hospital

Ashley County Medical Center discovered that a former employee accessed the healthcare records of 722 patients with no authorization.

Ashley County Medical Center started an investigation into the HIPAA violation and found out that the nurse was only able to view some patient information that is not associated with patient care or treatment. It is the belief of Ashley County Medical Center that no patient data was disclosed to a third party or accessed by the employee with the intention to misuse it. The medical center believes that the employee accessed patient information only out of curiosity.

As per the sanctions policy of Ashley County Medical Center with regards to unauthorized medical record access, the nurse who committed the HIPAA violation was terminated from work.

ACMC Chief Executive Officer Phillip Gilmore stated that the healthcare organization treats patient privacy as a very serious issue and anyone who fails to keep patient information secure will be subject to disciplinary action. ACMC already took the necessary steps concerning the incident, such as submitting a report on the wrongdoing of this employee, informing all the patients who had their information exposed, continuing to be vigilant in tracking and safeguarding patient data, and providing more training to its employees.

Data of San Antonio Hospital Patients Exposed Over the Web

The protected health information (PHI) of 1,237 Foundation Surgical Hospital of San Antonio patients was accidentally exposed online.

It happened on January 29, 2020 that the Texas-based hospital published a link on its web page pointing to a file that was intended to display the average hospital fees; but, the file associated with the link displayed the names of patients, patient account numbers, diagnosis codes, dates of the procedure, bills and amount paid, and whether the expenses were settled, was due, or were written off. After receiving a report about the wrong file posted, the hospital removed the link on May 27, 2020.