University Hospitals in Cleveland, Ohio, revealed Nov. 28 that an employee improperly accessed the medical and personal information of 692 patients over a three-year period.
The employee, who was dismissed following the incident, gained access to the hospital’s electronic medical records. Those records contained names, home addresses, phone numbers, email addresses, medical and health-insurance account numbers and other patient information like Social Security numbers, The Plain Dealer reports.
Hospital officials said the employee also used the records to view patient financial information like credit and debit card numbers. The hospital has mailed letters to all 692 patients affected by the breach.
The hospital will provide one year of free credit monitoring and identity theft protection to affected patients.