Unauthorized access and data breach

May 31st, 2016 by admin Leave a reply »

The Southeast Eye Institute, PA, or Eye Associates of Pinellas recently suffered a possible healthcare data breach. The incident occurred due to hacking incident.  An unauthorized party accessed patient files which was managed by a third-party vendor.The number of affected patients stands at 87,314 individuals as per Office of Civil Rights (OCR) data breach portal.

“We have learned that Bizmatics became aware of the incident in late 2015, but neither Bizmatics, law enforcement, nor the cyber forensics firm is able to pinpoint the precise date on which the attack began. Bizmatics has communicated to us that it believes the incident began in early 2015.”

Bizmatics Inc, an off-site vendor for Southeast Eye Institute was attacked by hackers. Affected information included names, addresses, telephone numbers, Social Security numbers, dates of birth, and insurance information. The practice reported that medical and financial information was not involved in the event.

Bizmatics Inc mentioned that patient information was segregated into several different files. The purpose was to increase healthcare data security measures. It didn’t mention whether hackers were able to combine all the data. It didn’t confirm the type of patients file which were affected.

Southeast East Institute mentioned that affected patients included who visited the facility an on or before November 16, 2015.

“We have no reason to believe that our patient files were the target of the hackers’ attack on Bizmatics. Due to the nature of the attack, Bizmatics cannot say for certain that PTCOA’s patient files were among the data that was accessed or acquired by the hacker.”

Southeast Eye Institute no longer works with Bizmatics Inc. However, the Bizmatics Inc. contacted the FBI. It also hired a cybersecurity firm to improve its data security measures which includes strengthening firewalls and network configurations.

————————————————————————————————————————————————————-

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption software.

Leave a Reply