A remote-monitoring labor service for cardiac devices has resulted in the data breach for Delaware facility. It has also affected another healthcare provider. Wentworth-Douglass Hospital (WDH) had been working with Ambucor Health Solutions. Ambucor recovered thumb drives from one of its former employees which reportedly contained personal information of thousands of patients nationwide.
As per the reports, information of 775 WDH patients was present on the drive. It did no include Social Security numbers, credit card, insurance, Medicaid/Medicare or other financial information. But some personal data may have been exposed which included patients’ names, dates of birth, home addresses, phone numbers, medications, race, testing data, patient identification numbers, medical device information such as the manufacturer, diagnosis, Ambucor enrollment numbers, Ambucor enrollment dates, Ambucor technician names, physician name(s), and the name and address of the practice where the patient was seen.
“While WDH was not directly involved in the breach, it appreciates the importance of protecting the privacy and security of personal information and deeply regrets any inconvenience or concern this incident may cause its patients. Ambucor officials are cooperating with federal investigators and have confirmed they are taking steps to prevent this type of incident from occurring again, including a thorough review of and updates to all HIPAA security processes.”
Ambucor mentioned that there is no indication that the data has been misused. It has offered affected patients with one year of identity protection services. Also, one million of identity theft insurance is offered by Ambucor along with any necessary related recovery services.
Ambucor started investigating activities of a former employee just before his employment ended. It came to know that the former employee had downloaded information to personal storage device from a company-issued computer.
Alertsec Endpoint Encrypt is a cloud-based service that provides password-protected data encryption for all of your business storage devices, whether they are internal to the computer or laptop (like hard drives or Solid State Drives [SSDs]) or external (like thumb drives, external hard drives, writable CDs and DVDs, and memory sticks).