A cybersecurity breach at HealthEC, LLC, a population health management platform that provides services to Corewell Health’s southeastern Michigan properties, has reportedly affected more than one million Michigan residents, Attorney General Dana Nessel announced. HealthEC is a Corewell Health vendor providing services to “identify high-risk patients, close gaps in care, and recognize barriers to optimal care.” Notice letters were mailed to impacted persons by HealthEC on December 22, 2023. While not all persons have the same impacted data, the impacted data can include: name; address; date of birth; Social Security number; medical record number; medical information, such as diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name; health insurance information, including beneficiary number, subscriber number, Medicaid and/or Medicare identification number; billing and claims information, including patient account number, patient identification number, and treatment cost information.
