Rush University Medical Center has issued notices to around 45,000 patients whose data were compromised in a major data breach that happened on January 22. The hospital detailed this serious security incident in a financial filing and subsequently sent notices to affected patients starting from February 25.
The big picture
Back to back incidents
This is Rush’s second security incident observed this year. Earlier, the hospital had wrongly sent letters to patients other than those who were supposed to receive it.
“In February, Rush University Medical Center reported that letters notifying patients of the retirement of a nurse practitioner at the Epilepsy Center were addressed incorrectly. The envelopes were marked with the names of certain patients but sent to different patients’ addresses. That incident affected 908 patients, according to the U.S. Department for Health and Human Services Office for Civil Rights,” reported Chicago Tribune.