University of Maryland Medical Center recently began notifying 33,896 patients that their protected health information may have been exposed after an unauthorized user hacked into one of the health system's faculty physician plan member's email accounts.
In an incident notice published to the Baltimore-based health system's website July 24, UMMC said that in May it discovered an email account belonging to the University of Maryland Faculty Physicians had been accessed by an unauthorized individual between Feb. 6-11. FPI is the faculty practice plan for the physician practice groups affiliated with the University of Maryland School of Medicine.
The inappropriately accessed FPI email account contained personal information of certain patients including names, dates of birth, medical record numbers and a limited number of Social Security numbers. UMMC reported the data breach to HHS July 24 as affecting 33,896 individuals.
UMMC and FPI said there is no evidence that any patient information has been acquired or misused, and the organizations are reviewing their email policies and procedures to increase security, according to the report.