The compromised data may include patient names and surgical data, but the hospital says no social security or credit card numbers were compromised.
The breach happened in early February.
Midwest Orthopaedics has mailed letters to 1,256 patients affected.