It has been revealed that a former employee of Southwest Ambulance in Arizona took the patient records of 581 people, including their names as well as their financial and medical information. The records were subsequently recovered and the affected customers were made aware of the data breach.
The data theft was discovered when a landlord cleared out the employee’s residence after they had moved out. According to the company, the records had been taken over the course of a number of years, and used primarily for training purchases. However, Southwest Ambulance have refused to disclose anything about the employee, including whether they left the company before or after the incident was discovered. In a bid to rectify the situation, Southwest have agreed to pay for credit-monitoring services for customers affected by the data breach.
Company officials claim there is no evidence that the stolen information was shared with any third parties or used inappropriately, although there is always the threat of targeted ‘phishing’ attacks. Holly Walter, spokesman for Southwest Ambulance, said this:
"We found nothing to indicate those records were used inappropriately,"
The company consider the breach to be an isolated incident, and assured customers that they regularly train their employees in how to handle and protect sensitive medical information.
It is shocking that someone involved in healthcare could abuse their position in this way. People have a right to expect their confidential financial and medical information to be kept safe.