The Pain Treatment Centers of America (PTCOA) and Interventional Surgery Institute (ISI), a healthcare network in Arkansas suffered a potential data breach. The incident came to notice when a vendor mentioned about hacking incident. According to OCR’s Tool, 19,397 individuals were possibly affected by the data security incident.
PTCOA and ISI mentioned that EHR and healthcare practice management tool operated by Bizmatics, a third-party vendor is used by them to manage patient files and contains the medical records of all its patients.
According to the PTCOA notice,“Your patient information is important to us, and we select vendors to help us better manage and secure that information. As such, security is the number one priority for our technology vendors, including Bizmatics.”
Unauthorized outside party accessed Bizmatics data server which stored customer records. Bizmatics collaborated with law enforcement officials and a cyber forensics firm to investigate the the incident. After the audit, Bizmatics mentioned the affected systems are secured.
“We have no reason to believe that our patient files were the target of the hackers’ attack on Bizmatics,” wrote PTCOA and ISI. “Due to the nature of the attack, Bizmatics cannot say for certain that PTCOA’s patient files were among the data that was accessed or acquired by the hacker.”
PTCOA also mentioned following in the statement,
“We are taking this issue seriously and have retained Experian, an industry leader in credit monitoring and identity theft recovery, to help patients monitor this situation in the coming months. We are offering a complimentary one-year membership of Experian’s® ProtectMyID® Alert. “
PTCOA advice following steps to the users –
- Review your account statements and credit reports and notify law enforcement and us of suspicious activity
- Consider placing a fraud alert or a security freeze on your credit files
- Protect your Passwords
- Fight “phishing” – don’t take the bait
Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.