An American healthcare provider that serves more than 1.2 million people is concerned a former employee from the Microsoft-owned Nuance Communications stole sensitive data on more than a million patients.
Geisinger, an American healthcare provider for more than a 1.2 million people across Pennsylvania announced a security breach took place last year that was traced back to a former employee of Nuance Communications, the Microsoft-owned IT provider. Geisinger discovered the security breach on November 29 and immediately contacted Nuance Communications, which discovered the individual removed his access before the authorities were notified.
Nuance Communications then launched its own investigation and discovered the former was terminated from their position and then two days later accessed the sensitive records, making copies of records on more than a million Geisinger patients. The data includes birth dates, addresses, hospital admissions, discharge records, medical data, and demographic information. Notably, financial and insurance information wasn't stolen, according to Geisinger.
"We continue to work closely with the authorities on this investigation, and while I am grateful that the perpetrator was caught and is now facing federal charges," Geisinger chief privacy officer Jonathan Friesen alleged, adding: "I am sorry that this happened."
At the moment, it remains unclear the purpose of the theft, but what is known is the former employee has been arrested by authorities and is facing federal charges.
"The former Nuance employee has been arrested and is facing federal charges," stated Geisinger