Grand Rapids, Mich.-based Mercy Health began notifying approximately 1,000 patients on May 24 about a data breach that may have exposed patient data, according to mlive.com.
Mercy Health discovered that a private server was vulnerable to unauthorized personnel between 2014 and March 25, 2019. The server was used to store patient information and allowed physicians to conduct office check-ins and schedule appointments.
Patient information that may have been exposed included names, addresses, emails, insurance information and dates of birth. A limited number of Social Security numbers and some patient diagnosis information were also potentially accessible.
There is no evidence that information has been misused, Mercy Health reports.
More articles about health IT:
HHS OIG warns against genetic testing scam
Battle of the coasts: How Boston-based digital health companies compete with Silicon Valley for tech talent
Smaller tech 'tweaks' add up to make a big impact on clinical care