Munson Healthcare is providing notice pertaining to a recent incident experienced by a third-party electronic health record (EHR) vendor, Cerner. Because the vendor provides services to Munson, personal information may have been involved in this incident.
Munson learned that an unauthorized third party gained access to and obtained data that was maintained by the vendor. The vendor has determined through an investigation that, at least as early as January 22, 2025, an unauthorized third party gained access to personal health information on legacy Cerner systems. The vendor later informed Munson that law enforcement investigators directed a delay in notifying patients, as well as hospital customers, about this incident because it could have impeded their investigation.
The impacted data may have included names, Social Security numbers, and information included within patient medical records, such as medical record numbers, doctors, diagnoses, medicines, test results, images, care and treatment.
Munson is coordinating closely with the vendor. As soon as the vendor learned of the incident, the vendor initiated its critical incident response process and took steps to secure the impacted systems. The vendor also began an investigation and engaged external cybersecurity specialists to help. The vendor also engaged with federal law enforcement.
Study Outlines Hand Hygiene Guidelines for EVS Staff
McCarthy Completes $65M Sharp Rees-Stealy Kearny Mesa MOB Modernization
Florida Cancer Specialists & Research Institute Opening of St. Petersburg Bayfront Location
Healthcare Workers Need Better Workplaces
Protecting Patients Through Design and Compliance at Altru Health System