UnityPoint Health, a multi-hospital and clinic health system based in Des Moines, Iowa., has suffered a data breach affecting 1,800 patients.
The breach occurred when someone at a third-party company working with UnityPoint illegally gained access to the EMR system by using a password of individuals who were authorized to access the system for medical purposes. This was discovered during an audit of the system.
It occurred from February through August 2013. Protected health information that was accessed included names, home addresses, dates of birth, medical and health insurance account numbers health information related to patient treatment, and for some patients, their social security numbers.
According to a report from the Des Moines Register, the Federal Bureau of Investigation is investigating the incident, which according to the company’s press release. UnityPoint says it has sent letters to all affected patients, and is offering a credit monitoring product to adults and families of minors affected.
Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.