Alabama’s Flowers Hospital recently began notifying an undisclosed number of patients that their personal information may have been stolen by a former employee.
“Flowers Hospital’s laboratory processes lab tests submitted to us by your health care provider,” hospital privacy officer Patti Hatcher explained in a notification letter. “Unfortunately, we discovered on February 26, 2014, that an employee in our laboratory was taking lab forms containing patient personal information, and that he may have attempted to use that information to file fraudulent tax returns.”
The employee was fired and arrested, and the hospital is cooperating with law enforcement as it investigates the crime.
The hospital’s own internal investigation determined that the files, which were stolen sometime between June 2013 and February 2014, included patients’ names, addresses, birthdates, Social Security numbers, and health plan policy numbers. The files also listed the names of lab tests that had been ordered, and sometimes showed the diagnosis.