University of South Florida Data Breach (2013)

The University of South Florida is investigating a protected health information data breach by an employee. The person responsible for the data breach is no longer a university employee, said Anne Baier, spokeswoman for USF Health. How the personal information involving patients treated by USF physicians at Tampa General Hospital was obtained is under investigation. Baier said 140 patients were affected by the breach. The breach was uncovered in late May when police pulled over the USF employee, identified only as a custodial worker, and searched the employees car, finding patient information such as names, dates of birth and Social Security numbers. Patients possibly affected by the security breach were notified via a letter from USF in July. This involves someone who worked at USF, not at Tampa General, said hospital spokesman John Dunn. It is TGHs policy in cases of patient data breaches to provide a year of free credit monitoring for the people affected, he said. In the letter to patients involved in the data breach, Patricia J. Bickel, USFs compliance and privacy officer at USF Health, recommended people place fraud alerts on credit files and take other precautions to prevent identity theft, false tax returns and other potential problems. USF officials have not received any indication that the patients information has been used by an unauthorized person, Baier said. The records came from the billing department of the USF Physicians Group inside the USF Health Faculty Office Building.