About 2,200 patients treated at multiple emergency departments in the University of Pittsburgh Medical Center delivery system are being notified of a breach of protected health information after an employee of a contractor copied and disclosed billing information.

Medical Management LLC (MML), which provides billing and other services to providers, learned from law enforcement officials on March 16, 2015, that the since-terminated employee was copying protected health information from the billing system for two years and disclosing the information to a third party. 

Also See: Partners Healthcare Employees Duped into Revealing Patient Data

MML was asked to delay notifying affected customers while the investigation was continuing, and subsequently notified UPMC on April 14, according to a UPMC spokesperson. MML also told UPMC that more than 40 of its customers were affected by the breach.

Compromised information included names, dates of birth and Social Security numbers. MML is offering for free a year of identity protection services from Kroll Inc. UPMC is not aware of any instances of affected patients’ information being improperly used, according to the spokesperson.

“We apologize for any anxiety or inconvenience that this incident may cause for our patients,” John Houston, vice president of privacy and information security at UPMC, said in a statement. “We hold our vendors to the same high privacy standards that we have for ourselves. Based upon the ongoing investigation, we will make whatever changes may be necessary to further enhance our already stringent privacy protections, especially those that apply to our business partners.”

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access