About 600 patients belonging to Southern Illinois Healthcare had their data exposed after third-party vendor Experian Health compromised the data.
Southern Illinois Healthcare said it was notified by Experian Health on April 28 that a technical glitch took place while the vendor was migrating data from one server to another. This resulted in Experian accidentally delivering patient information to incorrect hospitals between February 13 and March 13.
“The misdirected data may have included the following: name; date of birth; gender; address; Medicare ID/HIC number or Member ID number for non-Medicare patients; payer/insurance company name; group policy number; group number; and/or Medicaid case number,” Southern Illinois reported.
Experian has confirmed to Southern Illinois Healthcare that the problem has been rectified and also noted that the facilities receiving the patient information are all HIPPA-compliant.
“We deeply regret this incident occurred. Experian Health assures us the information would only have been viewed or saved by another medical facility governed by the Health Insurance Portability and Accountability Act, or HIPAA,” said SIH Privacy Officer Marcia Matthias.
Earlier this week health insurer Anthem agreed to pay record $115 million to settle data breach suit.