Tallahassee (Fla.) Memorial Healthcare said some patient information was compromised in a data breach involving Oracle Health, a former EHR vendor used by the health system, WTXL Tallahassee reported June 18.
In letters sent to patients June 13, the health system said the unauthorized access occurred Jan. 22, and it was notified of the breach March 13.
“TMH was recently notified by Cerner, which is now part of Oracle Health (‘Oracle/Cerner’), an electronic health records (EHR) vendor previously used at TMH, that it had experienced a cybersecurity event involving unauthorized access to data hosted in Oracle/Cerner’s data migration environment — including certain TMH patient information,” the health system wrote in its letter. “We have indications that TMH is one of many healthcare organizations nationwide impacted by this incident.”
Tallahassee Memorial said its current EHR system was not affected. The health system did not disclose what types of patient information may have been exposed.
Becker’s has reached out to Tallahassee Memorial Healthcare for comment and will update this story if more information becomes available.
On March 28, Bloomberg reported that the FBI was investigating a cyberattack on Oracle’s computer systems in which hackers stole patient data to extort multiple U.S. healthcare providers.
Oracle notified some healthcare customers that the breach occurred sometime after Jan. 22. According to a notice sent to clients and obtained by Bloomberg, hackers accessed company servers and copied patient data to an external location.
The breach affected older servers from EHR company Cerner, now known as Oracle Health. The company has not publicly confirmed the breach.
