In October 2015, CoPilot’s database, which healthcare professionals use to advise patients on whether certain treatments are covered by insurance, was illegally accessed. The data of 220,000 patients — including names, genders, dates of birth, addresses, phone numbers, health insurance information and occasionally Social Security numbers — was accessed.
CoPilot learned of the situation on Dec. 23, 2015. After an investigation, CoPilot learned that financial information and medical treatment records were not accessed. CoPilot “does not have evidence to suggest that any patient information was distributed or misused for purposes of identity theft or to cause financial harm.”
The organization mailed notification letters to patients impacted by the breach and set up a call center to answer their questions. CoPilot is also offering theft protection services to affected patients.
More articles on health IT:
Report: 30% of breaches reported to HHS can be attributed to third party vendors
Puerto Rico life insurance company to pay $2.2M HIPAA settlement
Athenahealth strategically invests in The Right Place
