Just about 10,000 previous patients of Holy Cross Hospital have received letters in the mail advising them that their private data may have been accessed by a former employee.
According to hospital officials, they recently got word that an employee had inappropriately accessed thousands of patient records. The data in the breach included patient names, dates of birth, addresses and Social Security Numbers.
As a safeguard, the hospital sent letters to all of the 9,900 patients whose demographic data was accessed (suitably or inappropriately) by this individual from November 2011 and August 2013.
“The hospital’s investigation indicated that the employee may have intended to utilize the information in filing fraudulent tax returns,” the hospital stated in a news release. “The employee was terminated, and efforts are underway to prosecute this individual to the fullest extent possible.”
An investigation by the hospital discovered the employee may have required the information to file fraudulent tax returns. They have since been fired and the hospital wants to press charges.
All patients struck by this incident have been offered free credit monitoring services.