The medical device supplier learned shortly after the forms were picked up by its third-party vendor to be mailed to DJO that they may have been lost in transit. The forms may have contained patients’ names, addresses, phone numbers, dates of birth, physician’s names, physician’s locations, product information and health plan identification numbers.
DJO said it has conducted a thorough investigation and doesn’t have any evidence any information has been misused.
The company has taken steps to prevent future incidents, including implementing new quality controls in its mailing processes and retraining its vendor on safeguarding paper records that contain protected health information.
Affected patients who visited the hospital within the specified timeline may qualify for one free year of Experian IdentityWorksSM protection.
More articles on cybersecurity:
Phishing attack at Bronson Healthcare Group may have compromised 8k patients’ information
Ripple’s co-founder now worth more than Google’s Larry Page, Sergey Brin
Microsoft, Amazon, Google scramble on updates addressing chip vulnerability
