Einstein Healthcare Network announced possible data breach when one of its databases was left unsecured on its website. Einstein Healthcare Network is a Pennsylvania-based healthcare network. The incident has affected approximately 3,000 individuals.
According to the reports, Einstein Healthcare Network found that one of its website databases was available to unauthorized users. Accessible information included patient information that was entered by individuals on information form on the healthcare network’s webpage.
EHR systems was not connected to the website. Affected information included patient names, telephone numbers, reasons for submitting requests, healthcare provider names, and health information.Social Security numbers, financial information, or EHR information was not present on the database. Individuals who entered Information on the webpage’s form before feb 2016 were affected.
“It’s important to note that in the data we evaluated, hacking or IT incidents only accounted for about one in 10 data breaches,”said study lead author Dr. Vincent Liu, a research scientist with the Kaiser Permanente Division of Research in Oakland.
“While hacking has garnered a lot of recent attention, a more common reason for breaches is simple theft of unsecured paper or electronic records,” he continued. “Nonetheless, the potential for hacking to result in a large number of compromised records tends to be higher than for other sources of data breaches.”
Einstein Healthcare Network has now secured the website database and removed it from public view. Internal investigation is also ordered by Einstein Health.
A call center was created to answer questions related to this incident. Einstein Healthcare Network also mentioned that it is committed to improving security measures on its website. Healthcare believes that they have no knowledge that any patient information has been used improperly. Notification letters are sent to affected individuals.
According to the statement by Einstein, “To help prevent something like this from happening in the future, we have secured the website database and are enhancing our security measures for the website. We deeply regret any concern this may cause our patients.”
The breach was not result of hacking but due to technical error. Albert Einstein Healthcare Network is a system based in Philadelphia. Healthcare operates as Einstein Medical Center in Philadelphia, MossRehab with locations throughout Philadelphia and Montgomery Counties, Einstein Medical Center Elkins Park, and Einstein Medical Center Montgomery in East Norriton. Rehabilitation beds and skilled nursing beds as well as primary care and specialty physician practices are available in it’s facilities.
Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.