Essentia Health said Wednesday it is notifying more than 1,000 patients that their protected health information may have been at risk when a former vendor fell victim to a phishing incident.  

Essentia Health is not aware of any actual or attempted misuse of this information, the company said in a prepared statement, but noted it's important that patients are made aware of this disclosure so they can take steps to protect themselves.

Essentia previously worked with a third-party vendor Nemadji Research Corp. to assist with billing services. To ensure prompt and appropriate delivery of these services, Essentia Health provided Nemadji with information about some of our patients.

Respecting its contractual obligations to Essentia and the strict federal privacy requirements imposed on third party vendors, Nemadji recently notified Essentia Health that patient information may have been compromised during an email phishing incident. 

Steps are being taken to thoroughly investigate the incident and ensure that the privacy of patient information is maintained.

“Please be assured that Essentia Health is taking this incident very seriously,” said Julene Brown, Essentia Health Chief Compliance Officer.  “Patient privacy is crucially important to us and we apply significant time and resources to safeguard all patient-related information. We apologize for any inconvenience this may cause our patients.”

All patients affected are being offered free credit monitoring services.

While letters were mailed to all patients who were impacted by this incident, questions from patients and the community about this incident can be directed to 218-786-6404, Monday through Friday, 8:00 a.m.-4:30 p.m.