Wyoming hospital alerts nearly 18,000 patients of data breach

Cheyenne (Wyo.) Regional Medical Center is notifying 17,549 patients of a security incident that may have exposed their protected health information.

In April, CRMC noticed suspicious activity in employee payroll accounts. Upon investigation, the hospital determined that a limited number of employee email accounts were accessed by an unauthorized third party. CRMC believes that the unauthorized individual was focused on gaining access to payroll information.

Patient data that may have been exposed includes names, dates of birth, Social Security numbers, driver's license numbers, dates of service, provider names, medical record numbers, patient identification numbers, medical information, diagnoses, treatment information, health insurance information and financial information.

There is no evidence that patient information has been misused.

"Information privacy and security are among our highest priorities. CRMC has strict security measures in place to protect information in our care. Upon learning of this incident, CRMC took steps to confirm and further strengthen the security of our systems, including our email accounts. As a precautionary matter, CRMC also notified law enforcement and continues to review its security policies and procedures as part of its ongoing commitment to information security," CMRC said in a statement. 

More articles on cybersecurity:
Florida clinic to pay $85K for violating HIPAA records access rule 
Wyoming hospitals hit by cyberattacks almost daily, state hospital association says
4 things to know about Zeppelin, a ransomware targeting healthcare organizations

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Whitepapers

Featured Webinars