Roper St. Francis Healthcare in Charleston, S.C., posted a notice to its website Jan. 29, warning patients about a potential compromise of their protected health information.
An unauthorized user may have grained access to some employees' email accounts between Nov. 15 and Dec. 1, according to the notice. The hospital said it immediately secured the accounts and launched an investigation into the incident.
Roper St. Francis' investigation determined that some patient information may have been stored in the email accounts, including names, medical record numbers, information about services received at Roper St. Francis and health insurance information. A limited number of Social Security numbers and financial information may have also been compromised.
The hospital said it has no evidence that any patient information had been misused, but began mailing notification letters to an undisclosed number of affected patients Jan. 25 and has set up a dedicated call center to address any patient concerns. Roper St. Francis is also offering affected individuals free credit monitoring and identity theft protection services.
"We apologize for any inconvenience or concern this incident may cause you. To help prevent something like this from happening again, we are continuing education with our staff on email protection and enhancing our email security," the hospital's notice states.