Emory Healthcare has notified 77 patients that their identification information was stolen and another 2,400 that a theft had occurred, and the hospital was giving all of them identity protection in case their information is pirated, a spokesman said Tuesday.
The IRS discovered the theft and notified Emory when patients' names, Social Security numbers and possibly other identifying information were used to file fraudulent income tax returns. Emory said the patients' addresses, dates of birth and limited health information such as the medical record number also might have been taken.
Emory spokesman Jeffry Molter said medical records were not compromised.
"It was a theft of information," Molter said. "This theft was not a breach into the electronic medical records at Emory Healthcare."
The 77 people identified by the IRS were patients at the Emory Clinic section of Orthopaedics at Emory Healthcare, according to Molter. They were told to place fraud alerts on their credit reports.
Emory is also notifying and extending the same identity theft protection to approximately 2,400 additional patients of The Emory Clinic section of the Orthopaedics department who were not believed to be affected by this incident. The others were sent letters Monday and offered protection just in case some of their information is used fraudulently.
"According to law enforcement, this information appears to have been subsequently used for the filing of fraudulent federal tax returns with the intent of collecting associated tax refunds. Emory has been fully cooperating with the IRS and other federal authorities in the ongoing criminal investigation, and will continue to do so," Emory said in a statement. "Emory is deeply committed to the protection of all personal information entrusted to us, and we express regret to our patients affected by this incident. We take this incident very seriously and offer sincerest apologies to our community. "
The IRS declined to comment because it is an ongoing criminal investigation.
About the Author
