Aultman warns patients of privacy breach
Aultman warns patients of privacy breach
CANTON – More than 7,000 Aultman Health Foundation patients may have had their private records accessed by a former worker as part of a privacy breach, the hospital system announced Friday.
The former Aultman employee accessed patient information outside the scope of his or her job duties between Sept. 14, 2009, and April 26, 2021.
The employee may have accessed patients' names, addresses, birthdays, Social Security numbers, insurance information, and diagnosis and treatment information, the hospital system said.
More:Aultman breaks ground on $28 million Timken Family Cancer Center
More:Aultman College makes school history graduating its first four-year students with bachelor's in nursing
More:Aultman, Pro Football Hall of Fame extend health services partnership
"Upon discovering this, the employee’s access to Aultman’s electronic health record system was suspended, and an investigation was conducted to determine the nature and scope of the incident," Aultman said.
The employee, who has not been identified, has been terminated and no longer has access to patient data.
The worker is not facing criminal charges, Chief Compliance Officer Tim Regula said in response to emailed questions Friday evening. The employee, who was not a medical provider, had access to patient information as part of his or her job coordinating patient care, he said.
"Our employees are trained to only access information related to their job. This person went beyond that," Regula said.
About 7,300 patients spread across the Aultman service area were involved, he said.
So far, there's no indication that patient information has been misused or will be misused, or that any information was further disclosed, Aultman said.
Aultman began mailing letters this week to patients whose information may have accessed.
Your stories live here.
Fuel your hometown passion and plug into the stories that define it.
Create Account
Aultman is offering patients whose Social Security numbers may have been compromised free credit monitoring and identity theft protection.
The hospital system also has set up a dedicated, toll-free call center to answer questions about the incident at 855-731-3203. The hotline is open 9 a.m. to 6:30 p.m. Monday through Friday, excluding major U.S. holidays.
Aultman is recommending that patients whose information may have been compromised review statements from health care providers and their insurance plans to ensure that only services received are listed. If you see something wrong, contact your provider or insurance company immediately.
"To help prevent something like this from happening again, Aultman has provided additional training to its system users and is implementing additional measures to protect the information of its patients," the organization said.
The Aultman Health Foundation includes Canton's Aultman Hospital, Aultman Orrville Hospital, Aultman Alliance Community Hospital, health insurance provider AultCare, the Aultman Foundation and Aultman College.
The organization has a combined 1,032 patient beds, more than 1,000 providers and more than 7,000 employees. It is Stark County's largest medical provider.
The Federal Trade Commission offers the following warning signs of medical identity theft:
Getting a bill for services you didn't receive.
Errors in your explanation of benefits statement, such as services you didn't get or prescriptions you don't take.
Calls from a debt collector about medical debt you don't owe.
Medical debt you don't recognize on your credit report.
A notice from your insurance company that you've hit your benefit limit.
You're denied coverage because of a pre-existing condition you don't have.
If you think you've been a victim of medical identity theft or that your private medical information may have compromised, the FTC recommends:
Collecting your medical records from all providers, reviewing those records for any errors and reporting those errors to medical providers in writing.
Reviewing your credit report and reporting any errors at IdentityTheft.gov.
Creating a personal recovery plan, also at IdentityTheft.gov.
Reach Jessica at 330-580-8322 or [email protected]
CANTON – More than 7,000 Aultman Health Foundation patients may have had their private records accessed by a former worker as part of a privacy breach, the hospital system announced Friday.
The former Aultman employee accessed patient information outside the scope of his or her job duties between Sept. 14, 2009, and April 26, 2021.
The employee may have accessed patients' names, addresses, birthdays, Social Security numbers, insurance information, and diagnosis and treatment information, the hospital system said.
More:Aultman breaks ground on $28 million Timken Family Cancer Center
More:Aultman College makes school history graduating its first four-year students with bachelor's in nursing
More:Aultman, Pro Football Hall of Fame extend health services partnership
"Upon discovering this, the employee’s access to Aultman’s electronic health record system was suspended, and an investigation was conducted to determine the nature and scope of the incident," Aultman said.
The employee, who has not been identified, has been terminated and no longer has access to patient data.
The worker is not facing criminal charges, Chief Compliance Officer Tim Regula said in response to emailed questions Friday evening. The employee, who was not a medical provider, had access to patient information as part of his or her job coordinating patient care, he said.
"Our employees are trained to only access information related to their job. This person went beyond that," Regula said.
About 7,300 patients spread across the Aultman service area were involved, he said.
So far, there's no indication that patient information has been misused or will be misused, or that any information was further disclosed, Aultman said.
Aultman began mailing letters this week to patients whose information may have accessed.
Your stories live here.
Fuel your hometown passion and plug into the stories that define it.
Create Account
Aultman is offering patients whose Social Security numbers may have been compromised free credit monitoring and identity theft protection.
The hospital system also has set up a dedicated, toll-free call center to answer questions about the incident at 855-731-3203. The hotline is open 9 a.m. to 6:30 p.m. Monday through Friday, excluding major U.S. holidays.
Aultman is recommending that patients whose information may have been compromised review statements from health care providers and their insurance plans to ensure that only services received are listed. If you see something wrong, contact your provider or insurance company immediately.
"To help prevent something like this from happening again, Aultman has provided additional training to its system users and is implementing additional measures to protect the information of its patients," the organization said.
The Aultman Health Foundation includes Canton's Aultman Hospital, Aultman Orrville Hospital, Aultman Alliance Community Hospital, health insurance provider AultCare, the Aultman Foundation and Aultman College.
The organization has a combined 1,032 patient beds, more than 1,000 providers and more than 7,000 employees. It is Stark County's largest medical provider.
The Federal Trade Commission offers the following warning signs of medical identity theft:
Getting a bill for services you didn't receive.
Errors in your explanation of benefits statement, such as services you didn't get or prescriptions you don't take.
Calls from a debt collector about medical debt you don't owe.
Medical debt you don't recognize on your credit report.
A notice from your insurance company that you've hit your benefit limit.
You're denied coverage because of a pre-existing condition you don't have.
If you think you've been a victim of medical identity theft or that your private medical information may have compromised, the FTC recommends:
Collecting your medical records from all providers, reviewing those records for any errors and reporting those errors to medical providers in writing.
Reviewing your credit report and reporting any errors at IdentityTheft.gov.
Creating a personal recovery plan, also at IdentityTheft.gov.
Reach Jessica at 330-580-8322 or [email protected]