Recent information breaches impacting Florida's Palm Beach County Health Department, Wisconsin's Oneida Health Center and Arkansas' Pain Treatment Centers of America (PTCOA) and Interventional Surgery Institute (ISI) have revealed more than 23,000 patients' personal data.
In accordance to PTCOA and ISI, the personal information of 19,397 of their sufferers was exposed when data servers belonging to 3rd-party vendor Bizmatics were hacked. Bizmatics owns and functions the EHR and practice management tool PrognoCIS, which is utilized by PTCOA and ISI, among others.
Because PrognoCIS stores and arranges sufferer files, the hacker may have approached patient names, addresses, health insurance data, health visit data, license numbers of driver and, in few cases, Social Security numbers.
"Bizmatics has discussed with law implementation and has employed an independent cyber forensics firm to inquire and assure the intrusion is contained and the affected networks are better protected," PTCOA and ISI CEO Bill McCrary wrote in the notification letter. "We have noticed that Bizmatics became aware of the tragedy in the late 2015, but neither Bizmatics, law implementation, nor the cyber forensics firm is capable to notice the accurate date on which the attack started."
All those affected are being offered a free one-year membership in Experian's ProtectMyID Alert service.
The Oneida Health Center in Wisconsin recently declared that on the day of February 17, 2016, a flash drive consisting of patient data was stolen from its dental offices. The drive arranged 2,734 patients' names, dates of visits, dental patient identification numbers, and dental insurance identification numbers.
However the theft was found on the similar day and police were instantly notified, the drive has not been recovered.
"To stop a reoccurrence of this kind of isolated internal tragedy, we are applying the following steps: reviewing and implementing administrative processes regarding the utilization of flash drives and implementing suitable technological safeguards regarding to their security and storage," the center stated in a statement.
And the Florida Department of Health recently declared that federal law enforcement authorities had gained a list of 1,076 Palm Beach County Health Department patients' names, Social Security numbers, birthdates, phone numbers, Medicaid numbers, and medical record numbers.
"The feds acquired this list," department spokesman Tim O'Connor informed the Modern Healthcare. "We do not know how."
"The Department of Health takes its duty of protecting the client's personal data very critically. And is keenly know that how significant this data is to everyone and is completely committed to protecting all confidential data," the department stated in a statement. "The department trains staff on the significance of securing protected health data by needing annual HIPAA and Privacy and Information Security training to all workers."
No comments:
Post a Comment