The UCLA Health System notified approximately 4.5 million patients that their information may have been compromised. This is one of the largest HIPAA breaches ever reported.
The Health System identified suspicious activity on its networks in October 2014. After investigation, it determined that Social Security Numbers, medical diagnoses, test results, addresses and dates of birth were accessed by hackers potentially as early as September 2014. Patients were notified in July. The Health System’s statement can be accessed here.
All employers, particularly health systems, should regularly monitor and review networks to identify any unusual behaviors that may lead to a compromise of personal information.