As per the report, a former Ambucor employee reportedly downloaded certain information without proper authorization.
“Ambucor has been working with federal law enforcement concerning this incident and has been cooperating fully in the ongoing investigation. As a result of those ongoing efforts, federal law enforcement authorities recently provided Ambucor with two thumb drives that this former employee turned over to them after his departure from Ambucor.”
Potentially affected information included patients’ first and last name, phone number, diagnosis, medications, date of birth, race, home address, testing data (i.e., type of test, test results, date of test and whether testing was monthly or not), patient identification number, medical device information (i.e., manufacturer, identification number, and model/serial numbers), Ambucor enrollment number, Ambucor enrollment date, Ambucor technician name, physician name(s), and the name and address of the practice where the patient was seen.
Ambucor believes that there is no indication that the information has been misused. One year of complimentary identity protection services is offered by the facility. As per the OCR reporting tool, incident affected 1,878 individuals.
Earlier Ambucor breach has affected at least two other healthcare providers which includes Wentworth-Douglass Hospital (WDH) and Greenville Health System (GHS).
As per the statement on the website, affected individuals are advised to take below steps:
Billing statement reviewing
Suspicious activity should be reported to the concerned authorities
Obtain copies of medical files and see for any inaccuracy. Contact each doctor, clinic, hospital, pharmacy, laboratory, and location where unauthorized individual may have used your information.
Alertsec helps you comply with HIPAA, PCI and SOX requirements.