Southfield, Mich.-based Beaumont Health last week notified about 112,000 patients that their protected health information may have been exposed in a data security incident.
On March 29, the health system discovered that one or more Beaumont Health employee email accounts had been accessed by an unauthorized third party between May 23, 2019, and June 3, 2019. After completing a forensic investigation, Beaumont Health was unable to determine if any information was acquired by the unauthorized third party.
Patient data that may have been exposed by included names, dates of birth, diagnoses, patient account numbers and medical record numbers. A limited number of Social Security numbers, financial account information, health insurance information and driver's license or state ID numbers may also have been affected.
Beaumont Health implemented additional technical safeguards and provided extra training and education to employees on handling malicious emails, the health system said in an April 17 notice posted to its website.