An unidentified radiologist formerly associated with Griffin Hospital in Connecticut is under investigation for a breach of patient information. The doctor allegedly tapped into the hospital's PACS using other radiologists' passwords, retrieving data from 957 patients.

Connecticut's Attorney General Richard Blumenthal is investigating the doctor, who is said to have downloaded X-rays and other information on 339 patients. The hospital began its investigation when patients called in reporting that the doctor was offering medical services at a new, unidentified hospital.

"This breach...appears to have been a deliberate intrusion into Griffin's Digital Picture Archiving and Communication System (PACS) to view patient radiology reports," said Griffin Hospital President Patrick Charmel in a statement.

The breach comes in violation of the federal HIPAA law, says Blumenthal in a statement. Patients are protected under the HIPAA law, part of which states that any information that can identify a patient is considered "protected health information."

"I will seek strong and significant sanctions, if warranted by the facts," he says. "Griffin Hospital rightly informed my office of this alleged data breach and is cooperating with our investigation."

The radiologist had access to patients' names, exam dates, exam descriptions, gender, age, medical record numbers and dates of birth, which are considered to be protected health information. Their social security numbers and financial information were not part of the directory accessed, according to a Griffin Hospital statement.

Griffin Hospital Vice President Bill Powanda told DOTmed News in an e-mail that he is unable to comment beyond the news release, which was issued on March 29. Blumenthal's office did not return calls for comment beyond their press statement.

More Industry Headlines