Riverside Health System announced a possible data breach this week after a former employee was charged with stealing credit card information from cancer patients.
T’sha Riddick, a 33-year-old convicted felon who worked for nearly two years at one of the company’s medical practices in South Hampton Roads, was arrested last month. She is scheduled to appear on Aug. 25 in Chesapeake General District Court on 13 identity-theft and fraud charges related to her time with Cancer Specialists of Tidewater, which has offices in Chesapeake, Virginia Beach and Suffolk.
Peter Glagola, a Riverside spokesman, said the hospital system was unaware the Elizabeth City resident had been convicted nine years ago in North Carolina of two felonies, including credit card fraud.
Glagola explained that Riddick was hired as an unlicensed medical assistant, and that the company requires background checks only for licensed employees. Others are screened randomly, he said.
“This is bringing a lot of things to light,” Glagola said.
The company is now considering whether to conduct background checks on all employees.
As a precaution, Riverside is offering free credit monitoring to over 2,000 patients and all staff. Glagola explained that the number represents everyone who has gone to the practice since Riddick was hired in June 2012.
Riverside Health System oversees five hospitals, including its flagship in Newport News, Riverside Regional Medical Center. The system also has three specialty hospitals, a medical group, surgery centers, retirement communities and home-care services.
“Keeping patient information protected is vital at Riverside,” Glagola said in a news release. “We are looking at ways to improve our monitoring program with more automatic flags to protect our patients.”
Court records indicate that Riddick – a single mother of three children – also worked at Waterbrooke Assisted Living in Elizabeth City around the time of her June 6 arrest. Officials with that facility said Wednesday that she no longer worked there and did not have access to patient information when she did. They declined to give their names or elaborate.
The charges against Riddick – who was released earlier this month on a $13,000 surety bond – stem from four different dates in January, March, April and June while she worked at Cancer Specialists of Tidewater, according to court documents.
Glagola said Riddick improperly accessed patient information at the practice, including credit card and Social Security numbers. It is unclear how she obtained the information, but Glagola said Riverside does not believe she accessed it through the company’s computer systems.
Andrew Sacks, Riddick’s attorney, declined to comment on the charges.
In 2005, Riddick pleaded guilty to credit card fraud and obtaining property by false pretense in North Carolina, according to Pasquotank County court documents. The credit card conviction stemmed from Riddick’s use of another woman’s card to pay electricity and telephone bills, court documents said. She worked for Albemarle Hospital at the time, the court documents said.
In 2008, Riddick was convicted of misdemeanor theft in North Carolina, according to court records.
And, last year, she was convicted of misdemeanor possession of stolen property and three counts of misdemeanor worthless checks.
She was on unsupervised probation at the time of her most recent arrest.
Riverside patients who believe they may have been victims of the data breach should call the hospital at 1-877-753-6854.
Pilot writers Elizabeth Simpson, Amy Jeter and Jeff Hampton contributed to this report.
Scott Daugherty, 757-222-5221, [email protected]
Posted to: Chesapeake Crime Health News