MetroHealth Data Breach Involved 1700 Patients

  • The MetroHealth System in Cleaveland, Ohio, recently disclosed a data breach involving 1700 of its patients.

    In a recent statement, MetroHealth announced that on November 13, while the health system’s electronic medical records systems were being upgraded, 1700 patient records were unintentionally disclosed.

    The breach involved patient names, care provider names and appointment details.

    MetroHealth claimed that no personal, financial or health-related information was involved. Letters to effected patients were mailed earlier this week.

    On February 10, the health system’s medical record partner informed it of the breach.

    According to its annual report, MetroHealth saw more than 1.4 million patient visits in 2020.

    MetroHealth encouraged patients with questions to call 855-482-1315, 9 am and 6:30 pm (ET), Monday through Friday, excluding certain holidays

    The MetroHealth System was hit by a data breach via a connected vendor, CaptureRx, in June 2021, whose ransomware breach affected at least 16 other healthcare organizations. Patient files were accessed without authorization, containing names, birthdates and prescription information.

    2022 has seen a string of data breaches involving health organizations, including a cyber-attack on Ohio-based health system that may have exposed the protected health information (PHI) of 216,478 patients.

    This month, California-based respiratory care provider SuperCare Health revealed it had been hit by a data breach that affected more than 300,000 individuals.