A former employee at revenue cycle management vendor Med-Data uploaded patient information from Houston-based Memorial Hermann Health System and University of Chicago Medicine sometime during or before September 2019, according to a March 31 Chicago Sun-Times report.
Five things to know:
1. Med-Data notified Memorial Hermann and UChicago Medicine of the breach March 31. The company said it discovered the incident in December, CBS affiliate KHOU reports.
2. An internal investigation found that a former Med-Data employee saved client files to personal folders created on a public-facing website sometime during or before September 2019. Med-Data removed the files Dec. 17, 2020.
3. UChicago Medical Center said almost 900 of its patients may have been affected by the security breach at Med-Data, according to the Chicago Sun-Times.
“The exposure of information occurred on Med-Data’s end,” the hospital said in a statement. “At this time, the company has confirmed it has no knowledge of any actual or attempted misuse of the information of our patients.”
4. The files uploaded to the website contained information including patients’ names and in some cases birthdates, Social Security numbers, addresses and healthcare data.
5. Med-Data did not say whether it would press charges against the former employee who uploaded the information. The company is offering affected individuals a free year of credit monitoring and identity theft protection services.
More articles on cybersecurity:
Does a vaccine passport violate HIPAA? Experts weigh in
More than 1 million affected by data breaches in March
Humana employee identities being used to file fraudulent unemployment claims
© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.
Source: on 2021-04-01 10:26:15
Read More At Source Site