University of Missouri Health Care recently identified and addressed a security incident involving patient information, the organization announced Friday.
Patients' information potentially affected may have included names, dates of birth, medical record numbers, health insurance information, and limited treatment and/or clinical information, such as diagnostic and/or medication information and, for a small number of individuals, a Social Security Number.
MU Health Care completed the process of identifying patients potentially affected July 27, according to a news release.
MU Health Care officials said they launched an investigation to determine the nature and scope of the incident after learning May 1 that an unauthorized individual may have gained access to two employees' email accounts.
In addition to starting an investigation, MU Health Care took steps to secure the employees' accounts and that investigation determined that the unauthorized access occurred between April 23 and May 1, according to the news release.
This incident did not affect all MU Health Care patients, only those patients who had information contained in the affected email account, according to the release.
MU Health Care officials said they had no indication that individuals' information was actually viewed by the unauthorized individual nor that it has been misused.
MU Health Care mailed notification letters to those whose information was found in the account and is providing complimentary credit-monitoring services to those whose Social Security numbers potentially were exposed.
MU Health Care also recommends patients review any statements they receive from their health insurers or health care providers. If they see charges for services they did not receive, they should contact the insurer or provider immediately.
MU Health Care officials said they are reinforcing education with employees regarding how to identify and avoid suspicious emails, as well as making additional security enhancements.
MU Health Care has established a call center to answer questions about the incident. People with questions can call the center at 1-833-762-0222 from 8 a.m.-5:30 p.m. Monday through Friday.
Additional information is posted on the MU Health Care website at muhealth.org/data-security-incident.