Sequin Dermatology, a solo practice in the region of Seguin, Texas, fell victim to a serious ransomware attack in the time period of mid-September after its server was encrypted.
A contractor was capable to eliminate the ransomware but a forensic examination discovered a high likelihood that protected health information was approached, Robert Magnon, MD, told sufferers in a notice sent initially this month. “Also, it couldn’t be ruled out that confidential data might have been removed from the server,” he further added. Sequin Dermatology was recently struck by ransomware attack
The server didn’t consist of medical records and financial data, but compromised data that involved patient name, address, and telephone number, date of birth, as well as insurance billing information and CPT codes.
An unrevealed number of sufferers also had their Social Security numbers compromised and as an outcome the practice is providing these patients identity and credit monitoring services from Equifax.
“To stop this from happening again, we’re performing a review of our physical and computer security, reassessing our policies of our office and procedures, and performing staff training,” Magnon told sufferers. “We sustain to monitor the case and will notify you as necessary.”
Magnon included a detailed seven-page notice of privacy practices in patient letters explaining their rights to access their electronic health records (EHRs), the capability of patients to share the data as they wish, the ability to ask Magnon to restrict the information he uses or shares, and to know with whom information is being shared. This kind of information normally is not included in notices to sufferers following a breach.
The practice didn’t respond to a request for extra information.
No comments:
Post a Comment