HIPAA Compliance Training and Certification

HIPAA News

Sentara Health Discovers Job Sharing Scam with Probable Unauthorized EMR Access

by | Apr 13, 2025

Sentara Health is a not-for-profit healthcare organization based in Florida, Virginia, and Northeastern North Carolina that notified 1,620 individuals concerning a likely insider breach affecting their electronic health records.

Sentara Health’s Laboratory Services section employed a remote worker in December 2024 to handle laboratory request orders from companies to interpret the laboratory exams that must be done for patients. After a virtual meeting between the manager and the remote worker in January 2025, the manager brought up concerns that the person the manager met might not have been the person hired
for the position.

The worker’s access to Sentara’s systems was deleted right away, pending an investigation. Sentara eventually learned that the worker’s actions were in line with a job-sharing scam. In these scams, a person gets a job at several locations, assigns the job to other people, and gets a percentage of the salary. On or about January 28, 2025, Sentara finished its investigation and reported that the record access affecting the worker’s login information was in keeping with the designated work responsibilities; nevertheless, it cannot be confirmed that the employed person accomplished those responsibilities. Other people who were not allowed to share the job responsibilities might have viewed patient information on behalf of the employed worker.

The possible unauthorized access involved individuals who acquired diagnostic tests from January 14 to January 23, 2025. The types of data affected possibly included names, birth dates, addresses, patient ID numbers, medical record numbers, phone numbers, lab test order and completion dates, Social Security numbers, and the name of the healthcare provider who requested the tests.

Sentara Health mailed notification letters to the impacted persons on March 28, 2025, and as a preventative measure, free credit monitoring and identity theft protection services were provided. Sentara Health is assessing platforms for employees’ HIPAA training, and technical security settings are being evaluated. The breach report submitted to the HHS’ Office for Civil Rights indicated that up to 1,620 persons were impacted.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

COMPREHENSIVE HIPAA TRAINING

Please enable JavaScript in your browser to complete this form.

Ryan Coyne

Ryan Coyne is a results-driven leader in the healthcare compliance industry, specializing in regulatory compliance, compliance training, and assisting healthcare organizations and business associates in achieving and maintaining compliance. With a deep knowledge of healthcare regulations and a keen understanding of the challenges faced by the industry, Ryan has developed a reputation as a trusted advisor and advocate for ethical and compliant practices in healthcare. Ryan has successfully advised and guided numerous healthcare organizations, business associates, and healthcare professionals on achieving and maintaining compliance with regulatory training requirements. Ryan's professional focus is using his in-depth expertise and leading a world class team of subject matter experts at ComplianceJunction in regulatory compliance to help organisations navigate the complex landscape of ensuring staff adhere to healthcare regulations. You can connect with Ryan via LinkedIn and follow on Twitter

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy