Florida Hospital has admitted â€" in a newspaper advertisement â€" that its employees improperly accessed information on more than 2,000 car-accident patients at emergency departments in three Central Florida counties during a 20-month period ending in August.
The FBI and the Osceola County Sheriff's Office were contacted, the hospital said, in the wake of what was described as an "inappropriate access" of personal information.
The employees, who have been fired, accessed information including patients' names, date of birth, Social Security numbers, and insurance information, according to the ad. The breaches affect patients at emergency departments in Orange, Osceola and Seminole counties, the ad says. Not all patients who went to emergency rooms during that time had their records breached.
The intent of the breach appears to have been to pass the information on to an attorney-referral service.
According to the hospital, the incident came to light after a car-accident victim told the hospital she'd been contacted by an attorney regarding the accident. She believed the only way the attorney could have received her information was via the hospital.
Subsequent investigation found that all 2,252 patients whose records were accessed had been in car accidents. There was no immediate confirmation if any other patients had been contacted by an attorney, or what referral service, attorney or attorneys may be involved.
The unobtrusive quarter-page ad, which is headlined simply "Public Notice" and does not bear the Florida Hospital logo, says the breaches occurred between Jan. 1, 2010, and Aug. 15, 2011. It appears on Page A11 of today's Sentinel.
"There is no evidence of identity theft," noted Florida Hospital spokeswoman Samantha O'Lenick. Despite that, the ad says that "we have offered credit monitoring, protection and restoration service to help [affected patients] address any unauthorized use of their information."
According to the Osceola County Sheriff's Office, the hospital made contact on Sept. 6. Investigators confirmed that employees at Florida Hospital Celebration viewed patient information.
"No one has come forward to report identity theft," said Sheriff's Office spokeswoman Twis Lizasuain.
However, "we are still actively investigating and working with Florida Hospital to obtain additional information," she said.
According to O'Lenick, letters were sent to 2,252 people. "Letters should be arriving in mailboxes today," she said.
The hospital placed the newspaper ad to "be proactive" in alerting any patients who might have been missed, O'Lenick said.
Should anyone come forward with complaints after the letters and advertisement, the Sheriff's Office will follow up with them, Lizasuain said.
Three employees were involved, and all were terminated, O'Lenick said. The three were "nonclinical" employees, meaning they held clerical jobs, O'Lenick said. They "accessed information outside of their job scope," she said.
"We totally regret that this happened," O'Lenick said, "and we want to assure the community that we're taking this very seriously."
The Florida Hospital website includes a notice about the incident. It advises patients who think they may be affected to call 1-855-366-0141 with any questions.
dbreen@tribune.com and ksantich@tribune.com
No comments:
Post a Comment