Petersburg Medical Center announced in a press release that an employee of the organization violated the hospital’s code of conduct and HIPAA patient privacy by accessing patient medical records without cause. Details on the insider healthcare patient privacy breach are discussed.

Petersburg Medical Center: Insider Healthcare Breach

Upon learning that an employee may have been accessing protected health information (PHI) outside their duties, Petersburg Medical Center launched an investigation into the insider healthcare patient privacy breach. The investigation determined that an organization employee had been accessing the medical records of patients that the employee was not treating, and as such, violated both the hospital’s code of conduct, as well as HIPAA patient privacy law during the healthcare privacy breach.

Insider Healthcare Breach

It was also determined that, although the records were inappropriately viewed, the employee had not improperly disclosed the PHI. Petersburg Medical Center has since revoked the employee’s access to medical records, and is taking steps to prevent a similar healthcare patient privacy breach from occurring in the future.

The press release stated, “PMC deeply regrets that one of its employees acted in a manner that violates PMC rules, policies, and procedures as well as violating trust with PMC patients.” The statement also urged that PMC had trained the employee on permissible uses and disclosures of PHI, however, the employee in question violated the training.

It is unclear at this time how many patients were affected by the incident, as PMC has not made that information public, however, affected patients received breach notification letters by mail.

Let’s Simplify Compliance

Do you need help with HIPAA? Compliancy Group can help!

Learn More!
HIPAA Seal of Compliance