Advocate Medical Group (AMG), part of the not-for-profit Downers Grove, Ill.-based integrated healthcare network, Advocate Health Care, had one of its administrative offices robbed in July, and computers with protected health information (PHI) were taken.
AMG discovered that the computers contained the names, addresses, dates of birth and Social Security numbers of approximately 4.03 million patients. While it didn’t have medical records, it did have clinical information, such as the treating physicians and/or departments, diagnoses, medical record numbers, medical service codes, and health insurance data.
“The most important thing is that this issue has no impact on patient care,” Kevin McCune, M.D., Advocate Medical Group’s Chief Medical Officer, said in a statement. “Security is a top priority for our health care ministry. Nothing leads us to believe that the computers were taken for the information they contained or that any patient information has been used inappropriately.”
The 4.03 million patients are being notified and being offered free credit monitoring and identity theft protection. AMG says it has taken steps to reduce the possibility of this happening again. “While we are keenly focused on the investigation and security enhancements, everyone’s efforts right now are concentrated on our affected patients,” McCune said. “If one patient is impacted – that’s one too many.”