Cybersecurity News
Cybersecurity6 May 2024 2m allinahealth.org

Allina Health Reports Privacy Breach Affecting Patient Records

Allina Health has disclosed a privacy incident involving unauthorized access to the health records of 715 patients by a former employee. Affected patients will receive notifications and complimentary identity monitoring.
Allina Health Reports Privacy Breach Affecting Patient Records

Key Takeaways

  • 1.MINNEAPOLIS (May 6, 2024) — A recent privacy breach at Allina Health has raised concerns among patients after it was revealed that a former staff member accessed the health records of 715 individuals without authorization.
  • 2.“Allina Health does not permit any employee to access health information without an appropriate business reason,” emphasized a spokesperson for the health system.
  • 3.“We are deeply sorry for any concern or inconvenience that this incident causes,” the spokesperson added, reiterating the commitment to maintaining patient privacy.

MINNEAPOLIS (May 6, 2024) — A recent privacy breach at Allina Health has raised concerns among patients after it was revealed that a former staff member accessed the health records of 715 individuals without authorization. This individual, who had been employed by Allina Health until 2022, violated the organization’s strict policies regarding patient privacy.

“Allina Health does not permit any employee to access health information without an appropriate business reason,” emphasized a spokesperson for the health system. The violation has prompted significant actions to notify the impacted individuals, who will receive letters detailing the incident and the information that may have been compromised.

The sensitive data in question reportedly included demographic information, photo IDs, insurance details, limited clinical records, and the last four digits of Social Security numbers. However, Allina Health confirmed, “This information DID NOT include credit card information.”

Person using laptop with holographic cybersecurity shield and digital interface elements
Person using laptop with holographic cybersecurity shield and digital interface elements

Impact and Legacy

Recognizing the potential impact of this incident on its patients, Allina Health is taking steps to mitigate concerns. As part of their response, they are offering two years of complimentary identity and credit monitoring services for those affected. “We are deeply sorry for any concern or inconvenience that this incident causes,” the spokesperson added, reiterating the commitment to maintaining patient privacy.

In alignment with federal regulations, Allina Health has also reported the breach to the U.S. Department of Health and Human Services Office for Civil Rights, ensuring transparency and compliance with necessary disclosures.

Established for the well-being of communities in Minnesota and western Wisconsin, Allina Health is a nonprofit healthcare provider that encompasses over 90 clinics and 12 hospitals. They provide comprehensive medical services ranging from primary care to specialized treatment, home care, and emergency transportation.

Looking Ahead

The organization aims to foster trust while addressing this breach and is dedicated to taking all necessary steps to prevent future incidents of this nature. More information about Allina Health’s services can be found on their website or through their social media channels, including Facebook, X, Instagram, and LinkedIn.

Data center server room with multiple monitors displaying code and red LED lighting
Data center server room with multiple monitors displaying code and red LED lighting
data-breachhealthcarepatient informationidentity monitoringprivacy incident