. home.aspx



Data of 45,000 Rush patients exposed due to third-party breach

March 06, 2019 / Heather Landi

The personal information of about 45,000 patients at Rush System for Health has been compromised due to a data breach at one of the health system’s third-party claims processing vendors. The data breach, first reported by Crain’s Chicago Business, was disclosed in a Rush financial filing (PDF). The breach, which Rush learned about on Jan. 22, was the result of an employee at one of its third-party vendors improperly disclosing a file containing certain patient information to an unauthorized party. According to a statement from Rush provided by a health system spokeswoman Deb Song, the file included “limited” personal information about certain Rush patients. Although the file did not contain medical history or treatment information, the file may have contained personal information, such as name, address, social security number, date of birth and health insurance information, relating to approximately 45,000 Rush patients, according to the financial filing. Accord...