The University of Arkansas for Medical Sciences (UAMS) in Little Rock is investigating a breach of information involving thousands of patients.
UAMS officials say patients affected were interventional radiology patients seen at UAMS during 2009, 2010 and 2011.
The breach happened when a document sent to an individual outside of UAMS for analysis of billing charges was not properly de-identified.
A UAMS physician sent financial data to an individual who was not a member of UAMS’s workforce in mid-February 2012, with the intention of removing all patient identifiers. On April 6, UAMS discovered that the data did in fact contain identifiers, including patient names, UAMS account numbers, dates of service, interventional radiology procedures, diagnosis codes, and charges and payments, for about 7,000 patients.
No credit card, debit card, bank account or Social Security numbers were included in the information.
Read more on KARK4.