Rush Hospital Data Breach Exposes 45,000 Patients’ Personal Information

A data breach back in January exposed the personal information, including Social Security numbers, of thousands of patients at this Chicago hospital.

Rush Hospital Data Breach Exposes 45,000 Patients’ Personal Information

This is the second HIPAA violation by Rush Hospital in 2019.

A data breach at Rush University Medical Center in Chicago, Ill., exposed the personal information of approximately 45,000 patients.

Rush System Health revealed in a quarterly report that it learned of the breach on Jan. 22, reports CBS Chicago. It believes an employee of a third-party vendor provided someone with unauthorized access to system files.

Data inside the files included addresses, Social Security numbers, birthdates and health insurance of patients. Medical information or details on treatment, however, were not stolen.

After the discovery, Rush launched an internal investigation, reports Finger Lakes Times. The hospital says that to its knowledge, the information was not misused.

Hospital officials say they have suspended its contract with the vendor and is working to prevent future breaches.

“Although Rush is not aware of any misuse of information arising out of this incident, we are providing notice of the incident to all potentially affected individuals as well as providing notice to the Department of Health and Human Services of Civil Rights,” the quarterly report said.

Letters were sent out to affected patients on Feb. 25, who were told they will have 12 months of identity protection services for free.

It also recommended that patients check their credit reports, review their benefit plans with health insurers and consider freezing their accounts.

Last month, Rush Medical Center also accidentally exposed the names of 908 patients when it mailed a letter that was addressed incorrectly, resulting in patients learning names of other patients.

The hospital said the incident was a “low privacy risk.”

“Rush takes this matter very seriously and is committed to protecting patients’ personal information,” a statement from the hospital said.

Data breaches are becoming more common, especially at hospitals, universities and hotels that have high volumes of personal information.

Check out the most devastating cyber-attacks of 2018.

About the Author

Katie Malafronte
Contact:

Katie Malafronte is Campus Safety's Web Editor. She graduated from the University of Rhode Island in 2017 with a Bachelor's Degree in Communication Studies and a minor in Writing & Rhetoric. Katie has been CS's Web Editor since 2018.

Read More Articles Like This… With A FREE Subscription

Campus Safety magazine is another great resource for public safety, security and emergency management professionals. It covers all aspects of campus safety, including access control, video surveillance, mass notification and security staff practices. Whether you work in K-12, higher ed, a hospital or corporation, Campus Safety magazine is here to help you do your job better!

Get your free subscription today!


Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety HQ