(Crain's Detroit Business) Beaumont Health announced Friday a data security breach that compromised the personal and health information of roughly 112,000 former or current patients.
It's the second data breach the state's largest health system has announced this year. In January, Beaumont notified 1,182 patients that an employee had unauthorized access of patient information and disseminated that information to an employee of a personal injury law firm.
Beaumont discovered the newest breach on March 29, as the hospital system was treating more than 1,000 confirmed COVID-19 patients, that "one or more of the email accounts accessed between May 23, 2019 to June 3, 2019 contained identifiable personal and/or protected health information," the health system said in a press release.
The emails contained information such as patients' names, birth dates, diagnosis, diagnosis codes, procedures, treatment locations, treatment types, prescription information, Beaumont patient account numbers and Beaumont medical record numbers. A "limited" amount of Social Security numbers and other information were also included in the breach.
Beaumont was unable to determine whether any of the information had been shared with a third party, it said in a press release.
The health system stresses the 112,000 patients represents only 5% of its 2.3 million patients in its system.
"Beaumont has taken steps to improve internal procedures to identify and remediate future threats in order to minimize the risk of a similar incident in the future, including implementing additional technical safeguards and providing additional training and education to Beaumont employees on identification and handling of malicious emails," Beaumont said in a press release. "Notified patients should monitor insurance statements for any transactions related to care or services that have not actually been received."