A significant office for the Mass General Brigham (MGB) health care system, situated at Assembly Row, became notorious due to a data breach involving patients’ personal information. The system announced that two of its employees were dismissed for allowing an unauthorized person to access sensitive patient data earlier this year, between February 26 and April 4.
The breach was discovered by MGB on April 4, prompting an immediate investigation. The investigation found that the two dismissed employees may have granted access to an unauthorized individual to perform certain job duties, giving them access to private patient information without MGB’s knowledge or approval.
MGB released a Health Insurance Portability and Accountability Act (HIPAA) notice to affected patients last week, disclosing the breach. It is possible that the unauthorized individual viewed names, addresses, medical record numbers, dates of birth, email addresses, phone numbers, and health insurance policy numbers of patients. Additionally, information about patient visits or admissions, including dates, locations, diagnoses, and guarantors, might have been accessed.
In certain cases, the breach may have included Social Security numbers and/or credit card numbers. As a response, MGB is offering 24 months of complimentary credit monitoring to patients affected by the incident and is taking steps to prevent future privacy breaches.
MGB expressed regret for the incident, which they sincerely regret happening. Patients interested in further information about the incident or to enroll in the free credit monitoring can contact MGB’s privacy call center at 1-888-826-9548.