Patient Privacy and Security Incident

Montefiore Health System is notifying certain patients about a security incident involving information that was stolen by a former employee. The employee compromised the information of 12,517 patients, which included  names, addresses, dates of birth, Social Security numbers, next of kin information, and health insurance details. The theft occurred between January 2013 and June 2013. The employee was fired, arrested and is now being prosecuted for this crime.

Montefiore will not tolerate any violation of our patients’ privacy. We are working closely with law enforcement, including the Manhattan District Attorney’s office to assist in their investigation. Following this theft, Montefiore is expanding both our technology monitoring capabilities and employee training on safeguarding and accessing patient records to further bolster our privacy safeguards.

The police have advised Montefiore that the employee may have sold the stolen patient information and this could result in identity theft. To safeguard affected individuals from any potential misuse of their personal information, Montefiore is offering all impacted patients identity theft protection services through ID Experts®, a data breach and recovery services expert. Affected patients will receive complete identity recovery services, 12 months of credit monitoring and a $1,000,000 insurance policy. All patients who have been impacted by this incident will receive a letter from Montefiore with more information.

Patients with questions regarding this incident can call 1-888-266-9438 Monday through Friday, 9:00 a.m. to 9:00 p.m. Eastern Time, excluding major holidays.

The employee who was arrested chose to violate established hospital policies, the trust of our patients and the law. We deeply regret that this crime has occurred and for any burden that this incident may cause.