West Hills, Calif.-based Center for Orthopaedic Specialists, which is a part of Providence Medical Institute, a physician foundation encompassing a number of practices roped under Renton, Wash.-based Providence Health & Services, reported computer systems at three of its facilities were compromised by a malicious software that encrypted patient data and demanded money to restore the clinics' access.
The three California-based facilities — West Hills, Simi Valley and Westlake Village — received notice from its third party IT vendor that an unauthorized individual illegally accessed COS's computer network. It immediately launched an investigation into the incident, which determined the unauthorized party began attempting to break into its system Feb. 18, 2018. The affected system had been permanently taken offline before any patient information could be removed, and a hospital spokesperson told Becker's Hospital Review there's no indication that any patient information was downloaded.
Affected patient data may have included patients' names, dates of birth, details about their medical records and Social Security numbers. However, COS doesn't believe any patient information was downloaded or removed by the unauthorized party. Out of an abundance of caution, COS is notifying 85,000 patients and former patients. The spokesperson clarified it is "a high number as a precaution and to be respectful of all patients of the practice who may have concerns."
More articles on cybersecurity:
5 popular clinical process improvement vendors, as ranked by KLAS
Lancaster General Health partners with private equity firm to launch $300M precision medicine fund
Philips posts $4.8B in sales for Q1, dips 2% from 1 year prior: 4 things to know