UM Hospital: Two Employees Accessed & Tried To Sell Patient Information
MIAMI (CBS4) - Two University of Miami Hospital employees have been fired after the school learned they allegedly stole patient information and then tried to sell it.
UM spokesperson Lisa Worley said the two employees, who have not been identified, were immediately terminated after an investigation by Miami-Dade Police into the security breach. It is no clear if the two face criminal charges.
Worley said the compromised information was included on "face sheets," documents related to the patient registration process. Face sheets contain the patient's name, address, date of birth, and insurance policy number. The sheets also include the reason for the patient's visit and any services they obtained while visiting the hospital.
Officials with the hospital say some patient's identities may have been compromised because some health insurance plans like Medicare and Medicaid use the patient's full social security number as the policy number. Hospital officials do not believe medical records or test results were accessed.
All patients who attended the hospital between October 2012 and July 2012 may be affected. The hospital says it has reached out to those exposed to the breach.
Hospital officials reiterate that only people who visited the University of Miami Hospital are at risk. Off-site centers like the Sylvester Comprehensive Cancer Center, Bascom Palmer Eye Institute, Sylvester at Deerfield Beach or Kendall, and UHealth at Plantation are not affected.
Anyone concerned about their information being accessed is urged to contact the University's incident website is www.umhdataincident.med.miami.edu. The toll-free incident line, 877-534-7033, is available from 9 a.m. to 9 p.m. EST Monday through Friday and from 11 a.m. to 8 p.m. EST Saturday and Sunday until Dec. 5, 2012.