Notice to the Community
POSTED: Friday, September 15, 2023
Erlanger Health is required to notify affected individuals of the improper access, use, or disclosure of their patient information, called Protected Health Information (PHI). On August 2, 2023, one of our contracted partners, Nuance Communications, Inc., notified Erlanger that a contract partner had experienced a breach by an unauthorized third party. The breach occurred with software called MOVEit, by Progress Software, which Nuance and many other companies use for moving electronic files in a secure manner. MOVEit promptly made Nuance aware of the security incident and applied security patches that day and as additional vulnerabilities were identified. Nuance confirmed that data belonging to Erlanger patients was included with the information compromised. Approximately 2,753 patients were affected; PHI potentially compromised includes: patient name, date of service, the service received, and, for some patients, the medical record number Erlanger uses internally as a unique patient identifier. No Social Security numbers or financial or account information were included with the files that were compromised.
Unless you recently received imaging or radiology services or your healthcare provider recently requested a review of past imaging, you are unlikely to be affected. If you have any questions or believe you may have been one of the individuals affected, please follow this link for how you can obtain more information from Nuance Communications.