Vidant Health, who notified employees at its Duplin hospital of a breach in February, has been notifying patients of a separate breach. In a letter to 897 patients, Privacy Officer Joy Hardee writes that Vidant first discovered a problem on January 14, 2016. The letter does not indicate when the breach first occurred, however.
… We are committed to protecting the personal information of our patients and want to let you know that specifically, during your or your guarantor’s case in Bankruptcy Court, Vidant Health submitted to the Court documentation of the amount owed for past services furnished by a Vidant Hospital.
Although Vidant Health believes it was appropriate to include your name, service dates, account balance and redacted account number in this filing, we additionally included your social security number, full account number, medical record number, date of birth, telephone number, sex and marital status. Vidant Health has filed a motion to restrict public access to its previous submission. We have also updated our policies and re-trained our staff to ensure correct reporting going forward.
Those notified were offered 12 months of services from AllClear ID.