Mercy Well being revealed that it had fired an worker who was answerable for an insider breach involving its programs.

On December 4, Mercy Well being posted a discover informing its sufferers of a medical data incident that had occurred earlier within the yr.

The bulletin defined that Mercy Well being, the fifth largest Catholic well being care system in america, had realized on October 7 {that a} former worker had accessed medical file info that was not important for the efficiency of their work-related duties.

That medical file info included sufferers’ names, dates of delivery, addresses, medical file numbers, therapy particulars and radiology pictures, amongst different items of knowledge.

The worker had additionally accessed the medical health insurance ID numbers for a small variety of sufferers, Mercy Well being defined, although they’d not seen sufferers’ bank card credentials or monetary particulars.

The well being care system confirmed that it had taken steps to deal with the safety incident. As quoted in its discover:

Upon discovering the incident, Mercy instantly investigated the incident and made further enhancements to procedures to stop an analogous incident from taking place sooner or later. Extra training was supplied to employees concerning compliance with the group’s insurance policies and procedures. The worker who accessed the data now not works at Mercy.

Mercy Well being famous that it might offer free membership to IDX’s id theft safety companies for the span of a yr.

Moreover, it highlighted different efforts that particular person sufferers may take to guard themselves in opposition to id theft. It particularly really helpful that sufferers doubtlessly affected by the safety incident monitor their account stories and billing statements for sudden costs, stay vigilant for emails and cellphone calls which may request private info in addition to think about putting a fraud alert or a safety freeze on their credit score recordsdata.

This incident underscores the significance of medical organizations taking the correct steps to safeguard their sufferers’ data in opposition to attackers. For some finest practices on how to do that, click on right here.