CHEYENNE, Wyo. — The Cheyenne Regional Medical Center said in a news release Wednesday morning that a former employee “inappropriately accessed” several patients’ personal health records over a near two-year period.
The release noted that the offenses occurred between Aug. 31, 2020, and May 26, when the employee was reported to the building’s compliance office. The employee had normal staff access to the hospital’s electronic health records system, but the person’s unauthorized viewing of certain medical records — including Social Security numbers and sensitive medical information — was “outside the scope of the individual’s job duties,” per the hospital.
The employee no longer works for the hospital and the medical facility itself is mailing notification letters to those affected as a precaution, Compliance and Privacy Officer Gladys Ayokosok said in the release.
The total number of patients affected is not listed, with the hospital additionally saying that there is no evidence the employee retained or attempted to misuse information from the records. Hospital policy states that patient information must be securely stored in the hospital’s electronic health records system.
“We want our patients and community to know that their personal health information, as well as their privacy, are very important to us, and we are constantly working to strengthen our operational procedures,” Ayokosok said. “We sincerely regret any inconvenience or concern this incident has caused and are committed to working with any individuals who may have questions or concerns.”
An assistance line has been set up by the hospital at (307) 633-7526 “to ensure questions are answered in a timely manner,” the release said.