2 minute read
HMH reaching out to patients, employees potentially impacted by 2022 data breach
By Patrick Massey
NASHVILLE – Howard Memorial Hospital is reaching out via mail to patients and employees who may have been victims of a data breach of the hospital late last year.
Earlier this month, the Howard Memorial Hospital Board of Directors held its regular monthly meeting and CEO Debra Wright informed the board that the notification letters were approved to be sent out to anyone who may have been victim of the 2022 data breach, described as a “cyber security event” by hospital officials.
The hospital announced last month that the breach may have impacted “the confidentiality and security of information related to certain patients as well as current and former employees of HMH.” ry, diagnosis, treatment information, and physician name. Other data related to hospital employees, both current and former, may have been breached, as well.
For individuals seeking additional information regarding this event, call the dedicated assistance line we have established at 1-833-570-2728, 7 a.m.-7 p.m., Monday-Friday.
Individuals can also find additional information on how they can help protect their personal information as well as obtain additional resources, on the HMH website: www.howardmemorial.com/public-notice press release, which provides information about the Final EIS.
Next Steps
The Board will issue a final decision that will take into consideration the transportation merits of the Proposed Acquisition and the entire environmental record, including the Draft EIS, Final EIS, and all public and agency comments received. In its final decision, the Board will decide whether the Proposed Acquisition should be authorized and, if so, what conditions, including environmental mitigating conditions, to impose.
HMH officials said steps were “promptly taken to secure HMH’s network,” and an investigation began with assistance from outside cybersecurity specialists to determine the nature and scope of them data breach.
The investigation into the data breach remains ongoing. Hospital officials have determined that certain files were potentially stolen from its network by an unknown actor between Nov. 14, 2022, and Dec. 4, 2022.
The types of information potentially impacted for patients includes name, contact information, date of birth, Social Security number, health insurance information, medical record number (MRN), medical histo-
HMH is encouraging potentially affected current and former patients and employees to remain vigilant against identity theft by reviewing account statements and explanations of benefits for unusual activity. Patients are encouraged to report any suspicious activity promptly to their insurance company, health care provider, or financial institution.
A class action lawsuit has since been filed against Howard Memorial by a group of patients represented by Little Rock-based law firm Carney, Bates & Pulliam, LLC. The patients allege through the complaint that their personal information “is now in the hands of cybercriminals.”
The plaintiffs are asking the court to ensure the hospital employs “adequate security protocols consistent with law and industry stands to protect” the personal information and health records of its patients. The complaint is not seeking monetary compensation but damages to be determined by “the trier of fact.”
