Alcohol and substance abuse patients in San Juan County, New Mexico suffered data breach due to hacking incident. According to the official statement, San Juan County mentioned that an outside entity had gained access to a county-owned computer. The device contained PHI and was accessible to hacker for half an hour. Affected information included names, addresses, health assessments, treatment information, and medication information.
Health information of participants in two treatment programs that collected PHI was viewed by hackers. Both the programs were created to help individuals in the criminal justice system for the cases related to drunk driving or substance abuse violations. The treatment programs support offenders to recover from drug and alcohol addictions.
“We take your privacy and protection very seriously and we deeply regret that this incident occurred,” reported the notice. “We are now in the process of reviewing our internal policies and data-management protocols and will be implementing enhanced security measures to help prevent this type of incident from recurring in the future.”
According to the statement, no other information other than mentioned above was disclosed in the possible healthcare data breach.
“Upon learning of the incident, SJC immediately took steps to investigate the incident and to ensure that no additional information may have been put at risk. SJC completed a forensic computer investigation and has found no evidence that this information was accessed by the intruder or removed from the computer.”
Healthcare data security measures and patient privacy policies are analysed and improved after the incident.
SJC advised patients for following –
Contact SJC at the phone number provided below. SJC will determine if your information was potentially affected. SJC can then provide complimentary identity repair and protection services, at no cost to you.
Although financial account details were not affected by this incident, as a general precaution we recommend that you review your credit and debit card account statements as soon as possible to determine if there are any discrepancies or unusual activity listed.
Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.