Eligibility verification snafu hits Carbondale Memorial

A technical glitch by a third-party vendor at three-hospital Southern Illinois Healthcare has resulted in the provider suffering a data breach affecting about 600 patients.


Experian Health provides information to Southern Illinois Healthcare to facilitate the verification of insurance eligibility during the patient registration process. On April 28, the vendor notified the provider that between February 13 and March 13 two Experian platforms advertently were sending patient information to the wrong medical facilities.

The incident occurred during a server migration and the facilities that inadvertently got the information were HIPAA-covered entities, so the information was not accessible by the general public, according to Experian.

Also See: What can healthcare providers do about the rising number of security breaches?

Compromised data included names, birth dates, gender, addresses, Medicare/Medicaid numbers, insurance companies and group policy numbers.

Experian quickly corrected the problem, and Southern Illinois Healthcare determined that the error had been resolved. The provider is offering two years of credit monitoring and identity protection services through AllClear ID, as well as providing comprehensive information on guarding against identity theft.

Representatives of Southern Illinois Healthcare and Experian Health declined to provide additional information or submit a statement on the incident.

For reprint and licensing requests for this article, click here.