Employee fired after data breach at Eastern Idaho Public Health

The following is a press release from Eastern Idaho Public Health.

IDAHO FALLS, Idaho (KIFI) - The following is a press release from Eastern Idaho Public Health.

At Eastern Idaho Public Health, we are committed to protecting the privacy and security of our patient’s information. Regrettably, we identified a privacy incident involving some of that information.

Recently, we learned that one of our employees may have accessed protected health information without authorization. An investigation was launched immediately, when unauthorized access was suspected. The investigation involved a review of access logs of patient records and interviews with staff.

The investigation determined some medical records were accessed without authorization, specifically access of patient clinic notes. The information included health screenings, histories, assessments, orders, and results. We were able to determine that no copies, transcriptions, or recordings were taken of the protected health information. The information did not involve any immunization records, financial, or insurance information. Eastern Idaho Public Health is confident that access of the medical records was not for malicious purposes and there is no indication that any patient data will be misused.

Notification letters were sent to patients whose information was accessed to inform them of the violation and further steps to protect their information. The letter included methods of contact should patients have questions about the incident. Patients may contact us with questions at 1-855-533-3160 (toll free) or 208-533-3217.

We regret any concerns or inconvenience this incident may cause and remain committed to protecting the confidentiality and security of patient information. As a result of the investigation, Eastern Idaho Public Health has reinforced education with our staff, clarified procedures regarding access to records, and has terminated the staff involved.