Loic Venance/Getty Images

A forensic analysis found that an unauthorized person accessed a server at Baltimore-based LifeBridge Health on Sept. 27, 2016, which was only discovered when malware was found on the health care system's ambulatory EHR and patient registration and billing systems on March 17 of this year. The incident may have compromised the protected health information of about 500,000 patients, including their names, diagnoses, clinical and treatment information, medications, dates of birth, insurance information and addresses, as well as the Social Security numbers of 381,123 patients.

Related Summaries