The infertility center on Feb. 27 discovered an unauthorized individual accessed a third-party server containing an EHR database. The database was encrypted and not exposed, according to the Diamond Institute. However, supporting documents — potentially containing patient names, dates of birth, Social Security numbers and lab results, among other information — may have been accessible.
The Diamond Institute notified law enforcement and has been cooperating with their investigation. The incident affected 14,633 individuals, according to HHS’ Office for Civil Rights’ breach portal.
The infertility center automatically enrolled all affected patients in AllClear ID identity protection and credit monitoring services for one year.
Click here to view the full letter.
Editor’s note: Becker’s Hospital Review reached out to Diamond Institute for Infertility & Menopause for comment and will update as more information is available.
More articles on health IT:
Accenture: Top 5 barriers to healthcare IoT adoption
Memorial Hermann agrees to $2.4M HIPAA settlement
Alphabet exec departs to head new mental health startup
