Community Health warning patients of data breach

Community Health Network is notifying an undisclosed number of patients that some of their personal and medical information may be part of a data breach.

The health network said Friday that information from users of its website and its My Chart patient portal might have been transmitted through cookies and pixels to website-tracking technology vendors such as Facebook and Google.

Community, which said it discovered the issue on Sept. 22, said the leaked information could vary, depending on the user and their device configurations, but might include:

  • computer IP address;
  • dates, times, and/or locations of scheduled appointments;
  • health care provider information;
  • types of appointment or procedure scheduled;
  • communications that occurred through MyChart, including first and last names and medical record numbers; information about insurance coverage; and the name of any MyChart account proxy.

Community said there was “no indication that any Social Security numbers, financial account numbers, or debit/credit card information was collected or transmitted through the third-party tracking technologies.”

A Community spokeswoman declined to say how many patients might be affected by the breach.

“Community regrets that this data breach occurred and is committed to safeguarding individuals’ information,” it said in a statement. “Community is mailing letters to potentially impacted individuals with information about the data breach, actions Community has taken, and recommendations on steps that individuals can take to protect themselves from website tracking.”

Patients can also get information about the breach by calling (866) 361-5593 between 9 a.m. and 7 p.m. Monday through Friday.