Recent cases of potential health data breaches include a cybersecurity breach, unauthorized access, and a stolen desktop computer.
– Flint, Michigan-based Singn and Arora Oncology Hematology is notifying 22,000 patients that some of their information may have been accessed in a cybersecurity breach, according to an ABC12 report.
An unauthorized user reportedly accessed one of the organization’s servers between February 2016 and July 2016. However, the practice did not become aware of the incident until August 2016.
Patient names, Social Security numbers, and insurance information were contained in the files. While there is no indication that the data was used for malicious purposes, Singn and Arora explained in its letter that it cannot say with complete certainty that the information was not compromised.
Potentially affected patients are being offered one year of complimentary free credit monitoring services.
10K impacted by unauthorized website access in Calif.
Verity Health System in California recently reported that an unauthorized third party may have accessed the personal information of “more than 9,000 individuals.”
Verity Health detected the access on January 6, 2017, and that it occurred on the Verity Medical Foundation-San Jose Medical Group website. The website is no longer in use but “immediate steps” were taken to secure it. The access reportedly took place between October 2015 and January 2017.
Potentially affected information included patient names, dates of birth, medical record numbers, addresses, email addresses, phone numbers and the last four digits of credit card numbers. However, full credit card numbers and Social Security numbers were not included. The data was also from 2010 to 2014.
While Verity reported 9,000 affected individuals in its statement, the OCR data breach reporting tool states that 10,164 were likely impacted.
“Verity Health System takes the security of our patients’ information seriously, and we regret that this incident occurred,” Verity Health CEO Andrei Soran said in a statement. “We took immediate steps to investigate this incident, notify the affected individuals and appropriate authorities, and ensure enhanced protection of our information systems going forward. We are working with a leading cyber-security firm to further evaluate the integrity of our information systems.”
Verity established a call center to answer questions and will also be offering potentially affected patients one free year of credit monitoring services.