Buffalo, N.Y.-based Kaleida Health began notifying 2,789 patients July 21 of a phishing incident that may have compromised their protected health information, according to the HHS Office for Civil Rights breach portal.
On May 24, hospital officials learned an unauthorized third party may have accessed one of its employee's email accounts. Officials immediately launched an investigation into the matter, employing a computer forensic firm to assist.
The investigation revealed a limited number of patients' names, medical record numbers, dates of birth, diagnoses, treatment information and other clinical information were potentially accessed by the unauthorized third party.
The hospital does not have any indication the information has been misused.
Becker's reached out to Kaleida Health for comment, but hospital officials did not provide any additional information.
More articles on health IT:
Appeals court rules health insurance customers can sue for data breach