Mercy Iowa City (Iowa) has reported a privacy incident after learning a computer virus designed to capture personal data potentially infected some of its systems.
While Mercy Iowa City reports there is no evidence any patient information has been improperly used, they said they cannot rule out the possibility that an outside source may have improperly accessed "limited portions" of patient information, including names, birth dates, addresses, clinical information and health insurance information. Additionally, some Social Security numbers may have been exposed.
The virus took hold Jan. 26, and Mercy Iowa City learned of the virus Jan. 29 from law enforcement. The hospital secured the computer systems and launched an internal investigation, according to a statement.
The hospital says it has enhanced existing technical safeguards to help prevent another incident like this from happening again.
More articles on data breaches:
Verizon's data breach response division ironically gets hacked
21st Century Oncology faces 4 lawsuits following data breach
HealthCare.gov hit with 316 security incidents in 18 months