SOUTHFIELD, Mich. (AP) — A southeastern Michigan hospital system said Saturday that a now-fired employee accessed and shared what was supposed to be protected personal and health information of more than 1,000 patients with someone affiliated with a personal injury lawyer.
Beaumont Health said it has informed 1,182 people about the unauthorized access of their information, including names, addresses, dates of birth, phone numbers, email addresses, insurance information, reasons for medical care and Social Security numbers. Those whose Social Security numbers were affected were given information about enrolling in a free credit-monitoring program.
Beaumont officials said the breach didn't affect all of its patients but they did not detail where those patients had received treatment. Hospital spokesman Mark Geary said most of the patients whose records were accessed had been in motor vehicle accidents.
The Southfield-based system, which has eight hospitals and 145 outpatient locations, said it discovered last month that the data breach occurred between February 2017 and last October. The responsible worker was fired and officials said that in addition to launching an internal investigation, they will work with law enforcement if prosecution is pursued.
The not-for-profit organization added it has taken steps to improve internal procedures to keep this from happening again.