Update: Griffin Hospital Data Breach

A fired radiologist affiliated with Griffin Hospital is under investigation for allegedly downloading X‑rays and other information of 339 patients and then calling them to offer medical services.

The man’s name was not released Monday, when the hospital sent out a press release alerting the public of the incidents. Click here to read it.

According to Bill Powanda, Griffin vice president, the man was employed by a company the hospital contracts with for radiology work. The man was terminated Feb. 3, Powanda said.

However, from Feb. 4 to March 5, the radiologist used pilfered passwords of his former co-workers to obtain patient images from hospital computers. The man has access to 957 files, Powanda said.

Griffin found out about the unauthorized access after patients called to say the radiologist was offering medical services at another, unnamed hospital.

Powanda wouldn’t say whether the radiologist was trying to steal patients, saying he couldn’t go beyond the hospital’s statement on the matter.

The radiologist has access to patients’ names, exam dates, exam descriptions, gender, age, medical record numbers and dates of birth.

The patient’s Social Security number and patient financial information are not information in the directory accessed,” a statement from Griffin read.

The hospital was able to zero in on the radiologist by tracking his computer’s IP address. It’s unknown from where the man was accessing the information.

Griffin has notified federal and state authorities of the data breach, including state Attorney General Richard Blumenthal.

Blumenthal released a statement Monday saying his office is investigating and Griffin is cooperating.

Unauthorized accessing of patient information is a violation of the federal HIPAA law that my office is empowered to enforce. I will seek strong and significant sanctions, if warranted by the facts,” Blumenthal said.

Plan now. Give later. Impact tomorrow. Learn more at ValleyGivesBack.org.