Geisinger Data Breach: Former Employee Accesses Patient Info
In November 2023, Geisinger detected unauthorized access to patient data by a former Nuance employee shortly after termination.
Ashish Khaitan June 28, 2024
Share on LinkedInShare on Twitter
Geisinger Healthcare, a leading provider in Pennsylvania’s healthcare sector, has recently disclosed a data breach involving the unauthorized access of patient information by a former employee of Nuance, an IT services contractor. This Geisinger Healthcare data breach has impacted over one million patients across its extensive network of care facilities.
Founded in 1915, Geisinger operates 134 care sites and ten hospitals, serving 1.2 million individuals across urban and rural Pennsylvania. The non-profit organization is renowned for its commitment to delivering value-based care and employs 26,000 staff, including 1,600 physicians.
Geisinger Data Breach Links to Former Employee
The Geisinger data breach was first identified in November 2023 when the organization detected unauthorized access to its patient database by a former Nuance employee, shortly after their termination. Geisinger promptly notified Nuance, which took immediate steps to sever the employee’s access to their systems containing patient records.
According to Geisinger’s Chief Privacy Officer, Jonathan Friesen, “Our patients’ and members’ privacy is a top priority, and we take protecting it very seriously.” Nuance, in collaboration with law enforcement authorities, launched an investigation resulting in the arrest of the former employee, who now faces federal charges.
The investigation revealed that the compromised information included patient names along with various details such as date of birth, addresses, medical record numbers, and contact information. Importantly, sensitive financial information such as credit card numbers or Social Security numbers remained unaffected.
Geisinger has Notified the Customers About the Data Leak
Geisinger has taken proactive measures to notify affected patients and has provided a dedicated helpline (855-575-8722) for assistance. Patients are advised to review any communications from their health insurer and report any discrepancies promptly.
This incident underscores the critical importance of robust data security measures within healthcare systems, especially when handling sensitive patient information,” said Friesen. Geisinger continues to cooperate closely with authorities as the investigation progresses, aiming to mitigate any further risks to patient privacy and security.
Geisinger urges recipients of the notification to carefully review the details provided and reach out with any questions or concerns. The organization has shared customer service numbers where affected individuals can contact from Monday through Friday, Eastern Time, excluding major U.S. holidays, and reference engagement number B124651.
In light of the breach, Geisinger emphasizes its commitment to transparency and patient care, ensuring affected individuals receive the support and resources necessary to safeguard their personal information and mitigate potential risks associated with the Geisinger data leak.