Published on July 10, 2019

Notification of protected health information breach

Essentia Health is notifying more than 1,000 patients that their protected health information may have been at risk when a former vendor of Essentia Health’s fell victim to a phishing incident. 

Essentia Health is not aware of any actual or attempted misuse of this information, but as a trusted health care provider, it is important to us that our patients are made aware of this disclosure so they can take steps to protect themselves.

Essentia Health previously worked with a third-party vendor, Nemadji Research Corporation (aka “Nemadji”), to assist with billing services. To ensure prompt and appropriate delivery of these services, Essentia Health provided Nemadji with information about some of our patients.

Respecting its contractual obligations to Essentia and the strict federal privacy requirements imposed on third party vendors, Nemadji recently notified Essentia Health that patient information may have been compromised during an email phishing incident. 

Steps are being taken to thoroughly investigate the incident and ensure that the privacy of patient information is maintained.

Essentia values the trust that our patients place in us. “Please be assured that Essentia Health is taking this incident very seriously,” says Julene Brown, Essentia Health Chief Compliance Officer.  “Patient privacy is crucially important to us and we apply significant time and resources to safeguard all patient-related information. We apologize for any inconvenience this may cause our patients.”

All patients affected are being offered free credit monitoring services.

While letters were mailed to all patients who were impacted by this incident, questions from patients and the community about this incident can be directed to 218-786-6404, Monday through Friday, 8:00 a.m.-4:30 p.m.