“The research data did not include any study participant’s Social Security number, insurance information, or any financial information,” MGH said. “The research data did not include any study participant’s address, phone number, or other contact information. The incident did not involve MGH’s medical records systems.”
The Massachusetts General Hospital has suffered a major data breach involving private health information involving the records of some 9,900 research patients used by Neurology researchers at the hospital. The data stolen included names, dates of birth, medical record numbers and medical histories. The breach occurred between June 10 and June 16 at the hospital’s Department of Neurology, and was traced to two computer applications used its research programs, MGH said.The breach was discovered on June 24.
However, the breached data “may have included a participant’s first and last name, certain demographic information (such as marital status, sex, race, ethnicity), date of birth, dates of study visits and tests, medical record number, type of study and research study identification numbers, diagnosis and medical history, biomarkers and genetic information, types of assessments and results, and other research information,” MGH said.