Arizona hospital's website down for 2+ months due to security incident

Jackie Drees - Print  | 

Kingman (Ariz.) Regional Medical Center is notifying patients of a potential security incident that has left its website down since April 8, the Daily Miner reports.

The design of KRMC's website made it vulnerable to access from unauthorized users, which allowed certain individuals to view information including names, dates of birth and information related to medical conditions of some KRMC customers that entered their information into the website, according to the report.

The timeframe that the website was vulnerable to unauthorized users is estimated between November 2016 and April 2019 and affected around 1,100 patients who used the website's online appointment request feature.

A KRMC spokesperson told Daily Miner that the security incident "in no-way impacted people's medical records, Social Security numbers or financial information," and that the hospital's recently implemented EHR system was unaffected by the incident because it is hosted on a separate server.

KRMC is currently rebuilding its website to incorporate security safeguards, according to a June 7 notice the hospital published on the website.

More articles on cybersecurity:
How senators are responding to Quest Diagnostic data breach and what it means for healthcare cybersecurity
Opko Health alerts 422,600 patients of data breach
27 hospital, health system data breaches in 2019

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

To receive the latest hospital and health system business and legal news and analysis from Becker's Hospital Review, sign-up for the free Becker's Hospital Review E-weekly by clicking here.