Patient Information Exposed in Michigan Rehab Security Breach
Who: Sacred Heart Rehabilitation Center
What was affected: Patients’ information, including full names, addresses, health insurance information, medical treatment information, medical diagnostic information and/or Social Security numbers.
When it happened: April 5, 2018, and April 7, 2018
How it happened: Sacred Heart officials notified “a limited number of patients about a security incident involving a phishing scheme, which affected a Sacred Heart Rehabilitation Center employee’s email account between April 5, 2018, and April 7, 2018.”
Outcome: The organization has implemented additional employee training and security measures to minimize the risk of a similar incident in the future. A dedicated toll-free response line was set up to answer patients’ questions.