A data breach at MCG Health, a clinical guidance software vendor, has exposed the protected health information of patients at Omaha, Neb.-based CHI Health and Sioux Falls, S.D.-based Avera Health.
On March 25, MCG Health, which provides patient care guidelines to the health systems, learned that an unauthorized party had accessed personal information stored on its system.
The breach has affected 900 patients of Avera McKennan Hospital & University Health Center, as well as an unknown number of patients at CHI Health and its affiliated locations.
Some of the patient information obtained in the MCG Health breach contains names, Social Security numbers, medical codes, postal addresses, phone numbers, email addresses, dates of birth and gender.
On June 10, MCG Health said it was notifying all affected individuals.
CHI Health is also mailing letters to the affected patients.