Massachusetts hospital notifies 6,300 patients of vendor data breach

Concord, Mass.-based Emerson Hospital sent letters to 6,314 patients alerting them of a May2018 cybersecurity attack that may have affected their information, according to the HIPAA Journal.

The security incident, which happened between May 9-17, was the result of a former MiraMed Global Services, a company that helps hospitals collect payments, who sent patient files to an unauthorized third party.

Information that may have been affected included names, addresses, Social Security numbers and insurance policy information. Specific health information found within patients' EHR was not compromised.

The MiraMed employee who sent the files has since been fired. It is unclear if the employee has been charged with theft since the company reported the incident to local law enforcement.

A spokesperson for the hospital downplayed the stolen information. "A detailed forensic investigation showed that the files were of such poor quality that a third-party did not find the data useful," the spokesperson said, according to the HIPAA Journal.

Regardless, the hospital is offering patients identity theft protection services.

More articles on cybersecurity:
National Science Foundation awards $1M to Massachusetts university for translational research
Update: 5 more hospitals affected by vendor data breach
Ransomware attack affects 15,000 patients at Michigan health system

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Webinars

Featured Whitepapers