Troy (Ala.) Regional Medical Center has notified 880 patients of a data breach that includes names, addresses, dates of birth, Social Security numbers and medical record numbers.

The hospital, in a statement, indicated that an identity theft ring might have taken the patient information. "Law enforcement officials have communicated that some of the personal information removed from the hospital may have been used to file fraudulent income tax returns with the Internal Revenue Service. Law enforcement has advised that other healthcare providers in Georgia and Alabama have also been targeted by the perpetrators."

The 47-bed hospital learned on May 20 that the information "had been accessed and removed from the hospital without authorization," according to the statement.

The statement did not indicate whether the information was paper-based or downloaded electronic information, and hospital officials were not immediately available for comment. The information likely was paper-based because "it appears the patients impacted by the incident were limited to individuals born between 1988 and 1992," according to the statement.

Troy Regional Medical Center is offering affected patients one paid year of identity protection services from Experian.

 

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access