Hundreds of patient records at a Pasadena-based hospice-care nonprofit were potentially compromised in a security breach, the center said.
An employee at Hospice of the Chesapeake, which serves about 370 terminally ill patients daily in Anne Arundel and Prince George's counties, is believed to have emailed spreadsheets containing patient medical data to a personal email account to complete work from home, said Sandie Anderson, a Hospice for the Chesapeake spokeswoman.
Someone else may have accessed the email account with the patient data, which included names, ages, dates of service and diagnoses, according to the nonprofit. The data did not include Social Security numbers, dates of birth or financial account information.
More than 500 patient records were potentially compromised, and the results of the hospice center's internal investigation have been turned over to Anne Arundel County police, Anderson said. The center provides mostly in-home care.
Hospice of the Chesapeake said it has reviewed its policies to ensure such a situation does not happen again, and has notified those involved. The center became aware of the potential breach in August.
Anderson declined to say whether the employee involved was disciplined, citing a policy of not discussing personnel matters.
twitter.com/cwellssunCopyright © 2014, The Baltimore Sun