A Connecticut-based podiatry group has been facing a possible healthcare data breach. The incident has impacted approx. 40,491 individuals after hackers accessed network services.Some external party had gained access to Stamford Podiatry Group’s systems, including its EHR database. The intruder is suspected to have viewed patient information between February 22 and April 14, 2016. Healthcare group has ordered a forensic investigation and terminated the unauthorized user’s access to its systems.
“Although we have not been able to confirm that your personal information was accessed and copied, we have not been able to rule out that possibility and encourage you to take … protective measures,” the organization mentioned.
Personal information involved in the healthcare data security event included medical histories, treatment information, names, Social Security numbers, dates of birth, genders, marital statuses, addresses, phone numbers, email addresses, names of doctors, and insurance information.
Stamford Podiatry Group’s Vice President Rui DeMelo, DPM, FACFAS, wrote in the letter “We have also implemented and are continuing to implement additional security measures designed to protect our systems against future intrusions. We have retained cybersecurity experts to assist us in these efforts.”
While there is no evidence yet that the personal information is being misused, the organization is still offering its patients a year of credit monitoring. Healthcare group has attempted to notify all affected patients. Individuals have also been advised by Stanford Podiatry Group to monitor financial and medical accounts for potential identify theft.
According to the recent reports by Department of Health and Human Services Data, more than 120 million people have been affected in more than 1,100 separate breaches at organizations handling protected health data since 2009.
“That’s a third of the U.S. population — this really should be a wake-up call,” said Deborah Peel, the executive director of Patient Privacy Rights.
Alertsec has created a web based encryption service that radically simplifies deploymentand management of PC encryption by using industry leading Check Point Full DiskEncryption software.