A letter has been sent to some people who visited Flowers Hospital, warning them of a possible theft of patient information.
Dothan attorney Aaron Gartlan said one of the people who received a letter from Flowers has contacted him with concerns.
“Right now we’re just trying to determine what has happened,” Gartlan said. “What has happened with this person is they’ve gone and filed their taxes and were informed their taxes were already filed. It appears this former (Flowers) employee may have already filed their taxes.”
According to a copy of the letter obtained by the Dothan Eagle, the hospital discovered on Feb. 26 that an employee in a laboratory had been taking lab forms containing patients’ personal information, and that he may have attempted to use that information to file fraudulent tax returns.
The letter also said the hospital fired the laboratory employee and that the employee has been arrested. It also told the patient that the hospital has been cooperating with the law enforcement agencies investigating the crime, which included the Internal Revenue Service and the U.S. Postal Service.
Flowers Hospital Chief Executive Officer Suzanne Woods declined to speak much on the record because of the hospital’s cooperation with the authorities.
“The authorities that we’re working with have asked us not comment so as not to jeopardize their investigation and we are respecting their wishes,” Woods said.
The letter also said the hospital conducted their own internal investigation, which revealed the files were stolen from the hospital between June 2013 and February 2014. Information included in the files may have included names, addresses, dates of birth, Social Security numbers and health plan policy numbers. The stolen forms also showed the names of the lab tests, and sometimes the diagnosis, but the forms did not include the results from the lab tests.
The hospital encouraged people in the letter to sign up for a free identity theft protection service. The hospital offered a one-year membership to the identity protection plan. The letter included a phone number for people to call to activate the identity protection plan. It gave people a deadline of June 30 to call and activate the membership.
The letter sent out was dated April 15.
The hospital also recommended in the letter that people contact the IRS by phone through a 1-800 number and a similar number the Federal Trade Commission.
The hospital also encouraged the patient to notify their credit card companies and other financial institutions of the possible identity theft.
The letter is signed by Patti Hatcher, the facility privacy officer, who in the letter said that the hospital regretted the incident occurred.
Hatcher also told the patient in the letter that similar lab forms have now been moved to a supervisor’s office that is locked when unattended.
The Dothan Eagle has not been able to confirm any arrests have actually been made by law enforcement investigating the identity theft.
Calls were not returned by officials with the U.S. Department of Justice.
Assistant U.S. Attorney Clark Morris in the Alabama U.S. Attorney’s Office said she was not aware of any arrests made by the federal government in connection to an identity theft involving Flowers Hospital.
Houston County Sheriff Andy Hughes and Dothan police spokesperson Sgt. Maurice “Mac” Eggleston said they were not familiar with the possible identity theft.
Follow Matt on Twitter @ElofsonMatt.