On Nov. 30, Ascension Michigan discovered an unauthorized user had accessed its EHR between Oct. 15 and Sept. 8.
The unauthorized user may have accessed patient information including full names, dates of birth, addresses, email addresses, phone numbers, health insurance identification numbers, dates of service, diagnoses and Social Security numbers.
In response to the incident, Ascension Michigan conducted a review of internal controls to better safeguard patient information. The system is also offering free credit and identity theft protection monitoring services to patients affected by the breach.
