Tenet Healthcare warns 37,000 patients of data compromise

News
Feb 22, 20082 mins

Dallas-based Tenet Healthcare Corp. last week sent out notices to about 37,000 patients informing them about the potential compromise of their personal and financial data.

Dallas-based Tenet Healthcare Corp. last week sent out notices to about 37,000 patients informing them about the potential compromise of their personal and financial data (Compare Data Leak Protection products).

The warning came after Terrence Brooks, a former data processor at a Tenet bill-processing center in Frisco, Texas, was arrested last month and subsequently pleaded guilty to five counts of fraudulent possession and use of identification information stolen from Tenet.

Steven Campanini, a spokesman for Tenet, said that Brooks’ illegal activity was discovered after the Arlington Police Department in Texas told the company that it was investigating potential consumer fraud involving Tenet data last December. After the problem was traced to Brooks, he was fired and immediately arrested, Campanini said.

At the time of his arrest, Brooks had identity information belonging to about 90 patients in his possession, Campanini said. Brooks last month pleaded guilty to the charges and is currently serving a nine-month sentence.

Tenet has contacted each of the 90 people via phone and informed them about the data theft. It is also offering them free credit-monitoring services for a year, Campanini said.

In addition to those 90 patients whose information he had, Brooks also had access to the records of another 37,000 people through his work in the bill-processing center, Campanini said. There is no indication that Brooks actually accessed or misused any of that information, but Tenet has informed all of the potentially affected individuals anyway, he said.

“This is an isolated incident that affects only a small number” of accounts, Campanini said. The Frisco bill-processing center handles more than 4 million accounts, so the number of affected records represents less than 1% of the total.

“We recognize there is an annoyance factor here, and we apologize for that,” Campanini said, adding that it’s impossible for a company to completely prevent such incidents despite taking precautions.

jvijayan

Jaikumar Vijayan is a freelance technology writer specializing in computer security and privacy topics. He writes for CSO Online, Dark Reading and Security Boulevard, among other outlets. He has also written for eWEEK, InformationWeek, TechTarget, Security Intelligence, Government Computer News, Datamation, and Information Security Magazine.

Jai was previously as senior editor at Computerworld, where he covered information security topics targeted at an enterprise IT audience. In addition to breaking news stories, he wrote features and analysis based on commentary and interviews with technical experts, security executives and other IT leaders. While at Computerworld, he won several awards for excellence in technology journalism.

Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. He has a Master's degree in Statistics and lives in Naperville, Ill.

More from this author