Meadville Medical Center is dealing with a data security incident involving its employee payroll system.
The incident was discovered last week and involves only employee information at this point, according Don Rhoten, the hospital’s vice president of consumer engagement.
The security problem “may have resulted in unauthorized access to the personal information of some employees and their dependents,” Rhoten confirmed in an email to the Tribune on Wednesday.
“Based on our investigation thus far, we have no evidence that this incident involves any patient information,” Rhoten said.
Once the incident became known, Rhoten said the hospital secured its employee payroll computer portal, notified the FBI, and launched an investigation into the incident.
Catherine Policicchio, spokeswoman for the FBI’s field office in Pittsburgh, said Wednesday the law enforcement agency wouldn’t comment on whether there was an investigation.
As a precautionary measure, Meadville Medical Center notified its employees of the incident on Jan. 23, Rhoten said.
“We are working with a professional security firm to address this incident and determine what personal information may have been involved,” Rhoten said. “We appreciate our employees’ patience as we investigate this incident.”
Two years ago, 830 Meadville Medical Center patients were among 45,000 nationwide who had medical reports illegally accessed by an employee of Nuance Communications Inc. between Nov. 20, 2017, and Dec. 9, 2017.
The hospital had a contract with Nuance, a computer software technology corporation, to provide transcription services for notes made to medical records by physicians.
What was accessed in 2018 were transcribed reports from a patient’s visit to a physician, not a patient’s entire medical history nor the patient’s Social Security number.