An investigation into a data breach that took place at Rutland Regional Medical Center in recent months found that information pertaining to 72,224 patients may have been stolen as well as almost 4,000 Social Security numbers.
A release on Friday said staff at Rutland Regional has not received any reports that personal information has been misused as a result of the breach.
Officials at the health care system cannot confirm whether any specific information within the affected email accounts was actually accessed, viewed, or acquired without permission but the email accounts included among other things, data files that contain the types of demographic information that is used for health care billing such as patient names, contact information and medical record numbers.
The information on the email accounts also contained 3,683 social security numbers.
On Dec. 31, the Information technology department at Rutland Regional determined that someone had gained unauthorized access to an employee’s email account.
Hospital administrators immediately started working with a third-party forensic expert to conduct a full system review and further investigate the incident. This investigation found that someone had access to nine employees’ email accounts between Nov. 2 and Feb. 6.
Claudio Fort, president and CEO of RRMC, said in a statement that the health care system takes the “responsibility to protect personal information very seriously.”
“Information privacy and security remain one of our highest priorities. We apologize for any inconvenience or concern this incident might have caused. We have taken and will continue to take steps to prevent something like this from happening again, including educating staff, reviewing technical controls and implementing additional safeguards and security measures to enhance the privacy and security of our patient information,” Fort said in a statement.