Nuance Communications, an external IT services provider for Danville, Pa.-based Geisinger, has informed Geisinger patients that their personal information may have been compromised by a former Nuance employee.
On Nov. 29, Geisinger learned that a recently terminated Nuance employee had accessed some of its patient information and notified the vendor. In response, Nuance revoked the individual's access to Geisinger's records and launched an investigation into the incident, according to a June 24 news release from Geisinger.
Nuance's investigation revealed that the former employee may have accessed and potentially taken information related to more than one million Geisinger patients. The compromised data varies by individual, according to the release, and includes dates of birth, addresses, admit and discharge or transfer codes, medical record numbers, race, gender, phone numbers and facility name abbreviation.
No claims, insurance information, credit card numbers, bank account numbers, other financial information or Social Security numbers were compromised, Geisinger said.
The former Nuance employee was arrested and is facing federal charges.
Nuance is owned by tech giant Microsoft.