Carbondale-based Southern Illinois Healthcare will notify more than 600 patients after a third-party vendor's technical error led to a breach of information.
On April 28, Experian Health, a revenue cycle management vendor, notified SIH a technical error caused by a server migration project had led it to misdirect protected health data to other medical facilities between Feb. 13 and March 13. The misdirected data may have included patient names, dates of birth, genders, addresses, Medicare ID/HIC numbers, insurance company names, group policy numbers, group numbers and Medicaid case numbers.
"Experian Health assures us the information would only have been viewed or saved by another medical facility governed by … HIPAA," SIH Privacy Officer Marcia Matthias said in a public notice. "During the course of SIH’s investigation into the incident, Experian Health confirmed for SIH that the error has been resolved."
SIH will offer free credit repair and monitoring services to affected patients. The health system has also established a dedicated call line to address patient questions.
Becker's has reached out to SIH for comment. This story will be updated as more information becomes available.
More articles on health IT:
Health information of more than 2k Aetna members available online for months