UW Health notifies more than 2,000 patients of information breach

MADISON, Wis. (WMTV) UW Health has notified 2,046 patients about an information breach where an unauthorized person may have accessed patients' personal information.

According to UW Health, the provider is sending letters to a group of patients about an incident involving a breach in an employee's email account.

UW Health representatives say that the incident, that happened on March 16 this year, was discovered by UW Health on March 28, 2017. An unauthorized individual gained access to an employee’s credentials and email account. UW Health Information Systems immediately began an investigation, disabled the account, and reset the password. The unauthorized individual had access to the email account and data files within that account.

Some of those files contained patient information, including patients’ names; addresses; dates of birth; dates of service; providers’ names; reasons for the visits; medical history and conditions; medications; diagnostic results and/or social history.

The emails did not include the patients’ medical records, Social Security numbers, credit-card numbers, health insurance numbers, or other financial information. The incident did not affect all UW Health patients -- only those patients whose information was contained in the email account.

UW Health says there is no indication the information in the emails has been used in any way.

UW Health began mailing letters to affected patients on May 25, 2017, and have established a dedicated call center to answer any questions patients may have.

If you believe you may be affected and have not received a letter by June 8, 2017, or if you have any questions regarding this incident, call 1-888-742-9174 Monday through Friday, between 8 a.m. and 8 p.m.