Between February and September 2012, an unidentified third party gained access to the information of some purchases; the hospital in its Oct. 24 notice did not yet know how many individuals were affected. It has replaced hardware affected by the breach, retained a forensic auditor, and notified local police and the Secret Service, which investigates financial crimes among its other duties. No patient health information was involved in the breach.
The hospital’s bank has coordinated with card companies to notify affected card holders. A hospital spokesperson did not immediately return a phone call asking for additional information on the breach.
Following a 2010 incident, Aultman Hospital is listed in the HHS Office for Civil Rights’ Wall of Shame database of more than 500 organizations that have had a breach of protected health information affecting more than 500 individuals.
A laptop computer was stolen in June 2010 containing patient names, Social Security numbers, addresses, dates of birth, telephone numbers, insurance numbers and health information related to home health services. The hospital reported 13,867 patients being affected. At the time, Aultman offered patients one year of paid credit monitoring services.