South Bend, Ind.-based Beacon Health System is notifying 3,117 patients that some of their personal information may have been accessed by an unauthorized employee who viewed patient records outside the scope of their job duties.
On Jan. 10, the health system said it became aware that an employee may have been inappropriately viewing patient records and launched an investigation into the incident.
On Feb. 20, Beacon Health System confirmed that the employee was accessing records that did not pertain to their job duties.
The access occurred between Nov. 19, 2018, and Feb. 24, 2023, according to a March 10 breach notification from Beacon.
The type of information viewed varies by patients, but includes names, addresses, dates of birth, Social Security numbers, clinical information, labs and diagnostic testing, operative and anesthesia documentation, as well as ancillary clinical documentation and medical history.
The health system said it will be notifying all affected individuals.