Petersburg Medical Center includes a clinic, hospital, emergency room, and long term care. (Photo/KFSK)

Petersburg Medical Center announced Monday that it learned of a potential breach of federal health care privacy law with some patients’ medical records. But the community hospital says the information was not released outside its walls. Angela Denning reports:

According to a press release, the hospital found that an employee viewed records of patients who were not directly under their care.

This could violate federal health care privacy law, known as HIPAA, or the Health Insurance Portability and Accountability Act, along with the hospital’s code of conduct.

The hospital says it began an internal investigation as soon as it learned a potential violation occurred.

PMC maintains it is an internal breach only and that the patients’ medical information has not gone beyond the medical center. While the information may have been inappropriately viewed, no further disclosure of it occurred.

The medical center has contacted by mail the patients whose medical records may have been affected.

The press release states, “PMC deeply regrets that one of its employees acted in a manner that violates PMC rules, policies, and procedures as well as violating trust with PMC patients.”

The federal law requires health care providers and insurers to take steps to limit access to a patient’s information and ensure that information is not shared without consent. Patients have the right to access their own health records and learn who else has had access to them. It also requires health care providers to train employees about complying with privacy law.

All PMC employees receive training on this, the statement said.

PMC says it took steps to prevent the offending employee from having any access to the medical center’s records now or in the future.

The hospital also say it is taking measures to prevent any reoccurrence within the organization.

Patients who have received a notification letter and anyone else with questions or concerns about the breach may contact Chad Wright, PMC’s Compliance Officer. His number is (907) 772-5724, Monday – Friday, 8:00 a.m. – 5:00 pm.

CEO Phil Hofstetter plans to discuss HIPAA and the potential breach during a PMC LIVE radio show this Thursday at 12:30 p.m. on KFSK.