In November, Spectrum Healthcare Partners discovered that an unauthorized third party had gained access to an employee’s email account. That employee worked at Central Main Orthopaedics, which is part of Spectrum Healthcare Partners.
Patient data that may have been exposed included names, dates of birth, addresses, financial balances, health insurance information and other clinical and treatment information. Only patients who received care at Central Maine Orthopaedics were affected.
Spectrum Healthcare Partners said there is no evidence that patient information has been misused. The health system is recommending patients review any statements they receive from healthcare providers and insurers.
“To help prevent something like this from happening again, we are reviewing and further strengthening our internal IT security policies and procedures, providing more stringent security training for staff, and implementing stronger technical controls,” Spectrum Healthcare Partners said in a news release.
More articles on cybersecurity:
Health systems should update computer systems in wake of Iran tensions, H-ISAC says
3 cybersecurity predictions for 2020
Former NYC hospital employee pleads guilty to hacking coworkers’ emails
