Former Microsoft employee arrested for stealing 1.2M patient records

A data breach imperiling more than 1.2 million patient records has occurred at Geisinger Health System, according to a notification published on the U.S. Department of Health and Human Services website. 

A terminated employee of Nuance Communications, a subsidiary of Microsoft, allegedly accessed the patient records after their firing in November of 2023, Geisinger said in a statement

In response to a federal investigation into the incident, Nuance requested the health system delay notifying patients about the breach. Now that the former employee has been officially charged with a crime, Geisinger has triggered the typical HIPAA-required response to send notifications to those impacted.

The breach is being completely attributed to the one former employee, who has yet to face trial or be convicted of a crime. The data stolen includes personal information on patients, including names, birth dates, contact information, demographic information and medical record numbers. However, there is no evidence details on care delivery or insurance information were accessed, Geisinger said. 

Additionally, social security numbers were also not stolen. However, Geisinger said it will be offering identity protection services to the patients whose data was taken. 

“Our patients’ and members’ privacy is a top priority, and we take protecting it very seriously,” Jonathan Friesen, chief privacy officer at Geisinger, said in the statement. “We continue to work closely with the authorities on this investigation, and while I am grateful that the perpetrator was caught and is now facing federal charges, I am sorry that this happened.”

That 1.2 million figure represents most of the patients the health system sees each year. Geisinger operates 10 hospitals and more than 100 other care centers nationwide. The health system is headquartered in Pennsylvania. 

Chad Van Alstin Health Imaging Health Exec

Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.

Around the web

Compensation for heart specialists continues to climb. What does this say about cardiology as a whole? Could private equity's rising influence bring about change? We spoke to MedAxiom CEO Jerry Blackwell, MD, MBA, a veteran cardiologist himself, to learn more.

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”