Healthcare Administrative Partners warns 18,000 patients of data breach

Medical billing and coding provider Healthcare Administrative Partners is notifying 17,693 patients of a data breach that may have exposed their protected health information.

In September, HAP determined that an employee's email account was accessed by an unauthorized individual. Upon learning of the incident in June, HAP consulted computer forensic experts to investigate.

Patient data that may have been exposed included names, addresses, dates of birth, medical record numbers, physician names, prescriptions, medical diagnosis and limited treatment information.

HAP said there is no evidence that patient information has been misused. After the incident, HAP immediately reset employee passwords.

"HAP has taken steps to prevent this kind of event from happening in the future. Since the incident, all passwords have been reset, external emails are now labeled as external, mailbox size restrictions and archiving requirements have been implemented, and HAP is evaluating options for multi-factor authentication and retraining employees on recognizing and responding to suspicious emails," the provider said in a statement online.

More articles on cybersecurity:
Michigan insurer alerts members of data breach
Sentara Hospitals agrees to $2.2M HIPAA settlement for incorrectly reporting data breach
16 cybersecurity incidents in November

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers