As many as 97,000 current and former patients of New York-based NRAD Medical Associates had personal information – including Social Security numbers – compromised by a former employee radiologist who accessed and acquired the data without authorization.

How many victims? As many as 97,000. 

What type of personal information? Names, addresses, dates of birth, Social Security numbers, health insurance information, diagnosis codes, and procedure codes.

What happened? A former NRAD employee radiologist bypassed security systems, and accessed and acquired the data from NRAD's billing and data systems without authorization.

What was the response? NRAD implemented a series of enhanced security safeguards on its billing and patient databases. All impacted individuals are being notified. The employee is no longer employed at NRAD.

Details: NRAD learned of the incident on April 24.

Quote: “There is no indication that any of the breached data has been disclosed to or used by any third parties, and there is no evidence that any patient financial data, such as credit card numbers and banking information, was accessed,” according to a notification posted to the website.

Source:, “Patient Privacy Letter,” June 13, 2014.