A security breach at Greenville, S.C.-based St. Francis Physician Services' former medical center may have compromised data from more than 32,000 patients, HIPAA Journal reports.
Affected patient records from Greenville-based Milestone Family Medicine, a medical center previously affiliated with SFPS, include information such as names, addresses, health insurance information, Social Security numbers and dates of birth.
SFPS posted a statement on its website detailing the cyberattack, which the health system discovered Jan. 4. SFPS hired a third-party forensic firm to investigate the security breach and found that an unauthorized person gained access to Milestone Family Medicine's systems. No patient information was found to have been misused.
SFPS is mailing notification letters to patients affected and is providing free credit monitoring and identity protection services to individuals whose Social Security number was affected. The HHS Office for Civil Rights recorded 32,178 Milestone Family Medicine patients were affected.
"We deeply regret any concern this may cause," SFPS wrote in the statement. "To help prevent something like this from happening in the future, we are enhancing technology management and information security risk oversight."
Milestone Family Medicine was affiliated with SFPS, which employed physicians at its practice, until Feb. 24. SFPS told HIPAA Journal its choice to end its relationship with Milestone Family Medicine was not related to the security breach.