On December 30, 2022, Fitzgibbon Hospital filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights after learning about a data security incident that compromised confidential patient information. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to patients’ full names, Social Security numbers, driver’s license numbers, financial account numbers, health insurance information, and medical information. After confirming that consumer data was leaked, Fitzgibbon Hospital began sending out data breach notification letters to the more than 112,000 patients who were impacted by the recent data security incident.
Patients of Fitzgibbon Hospital trusted the facility to provide them with the medical care they needed. However, most patients probably couldn’t fathom that the personal information doctors and nurses requested would end up in the hands of a criminal. However, in the wake of the Fitzgibbon data breach, that appears to be what happened. As we’ve discussed in previous posts, healthcare providers have a legal duty to safely maintain the protected health information in their possession. This is especially important today when cybercriminals are targeting protected health at an unprecedented rate. However, as a data breach victim, you have rights, including the right to bring a legal claim against the hospital if evidence emerges showing that the hospital’s negligence contributed to the leaking of your information.
What We Know So Far About the Fitzgibbon Hospital Breach
The available information regarding the Fitzgibbon Hospital breach comes from the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights, as well as a notice posted on the Fitzgibbon Hospital website. According to these sources, on June 6, 2022, Fitzgibbon Hospital detected unauthorized access to its computer system. In response, the hospital took the necessary steps to secure its computer network and then began working with third-party cybersecurity professionals to learn more about the nature and scope of the incident, as well as whether any patient data was compromised as a result.
On December 1, 2022, the hospital’s investigation confirmed that an unauthorized party had gained access to its computer network, including certain files containing confidential patient information.
Upon discovering that sensitive patient data was made available to an unauthorized party, Fitzgibbon Hospital began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your full name, Social Security number, driver’s license number, financial account number, health insurance information, and medical information.
On December 30, 2022, Fitzgibbon Hospital sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident. According to the U.S. Department of Health and Human Services Office for Civil Rights, the Fitzgibbon Hospital data breach impacted the protected health information of 112,072 patients.
More Information About Fitzgibbon Hospital
Founded in 1923, Fitzgibbon Hospital is a non-profit community hospital based in Marshall, Missouri. The hospital, which contains a 60-bed acute care unit, serves patients across Saline County and central Missouri. The hospital provides a wide range of services, including OBGYN, family practice, diagnostic imaging, emergency room, surgeries, orthopedics, rehab, pain management, rheumatology, podiatry, and mental health. Fitzgibbon Hospital employs more than 511 people and generates approximately $54 million in annual revenue.
