Martin Army Hospital warns patients of possible HIPAA breach

All patients who received care through the Martin Army Community Hospital healthcare system are being alerted that a possible HIPAA breach occurred at Fort Benning between January 2011 and December 2013.

According to a news release on Sunday, the breach was discovered after the hospital was alerted of undetected criminal activity involving identity theft by an employee in the laboratory shipping section.

The employee was removed from work in January 2014. The release said he went to trial and is serving time for the crime. No other details were released.

As a member of a large tax fraud ring, filing fraudulent tax returns with the IRS through information gained from discarded lab specimen labels, the employee randomly took protected health information and protected identifiable information, such as names, dates of birth and Social Security numbers. It is unknown how many labels were taken and how much information was used.

The hospital was notified by law enforcement in January 2014. After an extensive investigation of computers and computer systems, the Criminal Investigation Division did not detect the employee taking information from the electronic health record.

Neither the Department of Justice nor the IRS, which were the primary agencies conducting the investigation, can release the names to U.S. Army officials for proper protected health information breach notification.

The IRS has contacted those affected by fraudulent tax filings.

Letters are being mailed to all patients seen at the hospital between January and April 2013.

Please call the MEDCOMHotline at 1-800-984-8523 about any questions.

If any patient believes they were the victim of identity theft through fraudulent tax returns, please contact the IRS at 1-800-908-4490 or www.irs.gov

This story was originally published October 2, 2016 at 2:50 PM with the headline "Martin Army Hospital warns patients of possible HIPAA breach."