Over 90 Total Lots Up For Auction at One Location - WA 04/08

Long Island Jewish Forest Hills notifies patients potentially impacted by former employee’s unauthorized access of EMRs

Press releases may be edited for formatting or style | August 09, 2021 Cyber Security Health IT
QUEENS, N.Y.--(BUSINESS WIRE)--Long Island Jewish Forest Hills Hospital (“LIJFH”) today announced that it has notified patients who were potentially impacted by a former employee’s unauthorized access of electronic medical records. LIJFH has taken steps to address this matter and is offering credit monitoring to any patient who may have been affected.

As background, on January 24, 2020, a subpoena was issued seeking documents in connection with an investigation into a “No Fault” motor vehicle accident insurance scheme. After receiving this subpoena, LIJFH reviewed the matter and determined that a former employee who was referenced in the subpoena improperly accessed certain electronic medical records. To date, LIJFH has no evidence that the information accessed by the former employee was used improperly or had anything to do with the insurance scheme that was being investigated. However, out of an abundance of caution, LIJFH decided to notify every patient whose medical records were accessed by the former LIJFH employee through its medical record system during the period of time for which the former employee had access to patient records (August 23, 2016 through October 31, 2017). LIJFH is making these notifications regardless of whether the patient was involved in a motor vehicle accident. LIJFH cooperated fully with the investigation, which included following law enforcement’s instructions to delay notifying any patients who were potentially impacted by the scheme through August 5, 2021.

The patient information accessed by the former employee did not include credit card numbers or any other payment-related information. It may have included information from one or more of the following categories: (1) demographic-type information such as the patient’s name, date of birth, address, phone number, insurance information, internal medical record number and/or, in some cases, a Social Security number; and (2) clinical information such as the name of the treatment location, the name of the treatment provider, date(s) of service, reason for the visit, brief summary of the patient’s medical history, a list of the patient’s medications, the patient’s test results, the patient’s diagnoses, and/or other treatment-related information. Potentially affected patients are being offered one year of complimentary credit monitoring and identity protection services, unless a longer time period is required by applicable state law.
stats
DOTmed text ad

Reveal Mobi Pro now available for sale in the US

Reveal Mobi Pro integrates the Reveal 35C detector with SpectralDR technology into a modern mobile X-ray solution. Mobi Pro allows for simultaneous acquisition of conventional & dual-energy images with a single exposure. Contact us for a demo at no cost.

stats
What We Are Doing.

In addition to confirming that the employee was no longer employed by LIJFH, steps have been taken to try to prevent this type of incident from occurring in the future. Additional security tools were implemented to monitor access to medical record applications. Moreover, all employees receive ongoing training on the importance of respecting patient privacy, and targeted re-training of front-line staff was given. Finally, the Compliance Department conducts audits of medical record access to minimize the risk of such incidents occurring in the future.

You Must Be Logged In To Post A Comment