MedInform, a vendor that provides services to Cleveland Clinic, learned that an unauthorized user accessed confidential information about Cleveland Clinic patients that was stored on the company’s computer network. The comany then filed a notice of data breach with the Attorney General of Massachusetts.
MedInform became aware of the breach on Dec. 21, taking action by securing its systems and launching an investigation into the incident. It was determined that an unauthorized party had access to the system Dec. 5-21.
The party gained access to patient names, addresses, Social Security numbers, medical billing information and financial account information.
Cleveland Clinic patients with compromised information received an alert from the company on May 24.
