Letters were sent out on Monday to those affected after an internal investigation discovered that an employee had accessed information between July of last year and July of this year that includes things like birth dates, addresses, medication listings and insurance information. The investigation could not confirm that all of the patient records accessed were viewed for appropriate job-related purposes.
Mercy’s privacy officer Kurt Hale in the notification letter says they deeply regret the event, which is contrary to the hospital’s policies. Hale says the person no longer works for Mercy nor has access to the hospital’s information systems. Mercy says they are working to address the incident with the Department of Health and Human Services’ Office for Civil Rights as well as with local law enforcement.
(By Bob Fisher, KRIB, Mason City)