Goshen (Ind.) Health began notifying 9,160 patients on Sept. 30 of a security incident that may have exposed their personal health information, according to The Elkhart Truth.
The hospital discovered that an unauthorized third party had gained access to two employees' email accounts between Aug. 2, 2018, and Aug. 13, 2018. A year later, on Aug. 1, Goshen Health determined that the email accounts stored some patient information.
Patient data found in the email accounts included names, addresses, dates of birth, physician names, health insurance information, limited clinical information, Social Security numbers and driver's license numbers.
Goshen Health said there has been no evidence that patient information has been misused. However, the hospital is offering patients complimentary identity theft protection services.