Lafayette Surgical Hospital, LLC d/b/a Lafayette Surgical Specialty Hospital has been notified that a vendor providing care management software to the Hospital was the victim of a data theft by an unknown third-party, a release states.
The breach of computer servers at MCG Health, LLC occurred between 2020 and 2021. The incident is currently under investigation by law enforcement.
The Hospital uses the software services obtained from MCG to establish clinical care guidelines for its patients and to support clinical decision making. The protected health information accessed may have included the individual’s name, address, date of birth, patient identification number, name and address of the facility that provided health services, the name of the patient’s health care provider, the individual’s medical record number and internal clinical notes, the release states.
MCG has begun notifying affected patients in writing with additional information and resources. MCG will provide free credit monitoring and identify theft detection and prevention services at no cost to all affected individuals at the contact information provided in this release.
"Lafayette Surgical Specialty Hospital takes this situation seriously and is committed to protecting the privacy of its patients," the release states. "Lafayette Surgical Specialty Hospital has also reported the breach to the Department of Health and Human Services Office for Civil Rights and other regulatory authorities as required by federal and state breach notification laws."