UMass Memorial Ex-Employee Takes Off With Billing Data on Up To 14,000 Patients

The UMass Memorial Medical Group has learned a former staffer allegedly accessed private information that contained credit card and debit card numbers, Social Security numbers, and birth dates.

The medical group first was informed on April 9, 2014 that information related to some of its patients may have been accessed "inappropriately and potentially for fraudulent purposes," according to a statement released Jan. 30, 2015.

According to the Telegram, officials say they immediately began an investigation and reported the incident to law enforcement at that time. 

In August 2014, authorities informed the group they had found copies of some patient billing documents in possession of an unauthorized person.

The medical group, part of UMass Memorial Health Care, said it was given permission Jan. 28 to notify the approximately 14,000 patients potentially affected by the breach.

The hospital group says it began notifying those individuals on Jan. 30.

UMass Memorial said that information "may have" included the patients' names, addresses, dates of birth, medical record numbers, and Social Security numbers as well as their credit and debit card numbers.