University of Iowa Community HomeCare, a home infusion and medical equipment provider affiliated with Iowa City-based University of Iowa Health Care, notified patients of a data security breach that occurred in July.
In a public notice, the organization said an unauthorized individual gained access to its computer system on July 3. Officials shut down servers and brought in cybersecurity experts, restoring the systems within one business day.
An investigation found the intruder had viewed and copied data files tied to Community HomeCare customers and some University of Iowa Health Care patients. The EHR system was not affected, and there is no evidence the information has been misused, the notice said.
The data varied by individual and may have included names, birth dates, addresses, phone numbers, medical record numbers, provider information, dates of service, insurance details, Social Security numbers and visit types.
Letters were mailed Aug. 29 to affected patients, the organization said. Community HomeCare also reported the incident to law enforcement and said it is enhancing monitoring efforts and reviewing its systems to prevent future breaches.
University of Iowa Community HomeCare provides services to patients in Iowa, western Illinois and northern Missouri.
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
