Highlands-Cashiers Hospital notifying 25k patients of potentially exposed data

A third party vendor handling patient information for Highlands-Cashiers Hospital in Highlands, N.C., inadvertently left patient data accessible online, prompting the hospital to notify 25,000 patients that their data may have been at risk.

The hospital contracts with TruBridge, the wholly owned services subsidiary of CPSI, to handle specialized computer services. On Sept. 29, the hospital conducted a data security screening that found TruBridge left servers containing information such as names, addresses, birth dates, treatment information, diagnoses, health insurance information and some Social Security numbers accessible through the Internet.

Highlands-Cashiers hospital hired forensic computer investigators and did not find any evidence that the information was accessed through the Internet. The hospital "took immediate steps" to have TruBridge secure the servers and ensure the information is no longer accessible through the Internet.

The hospital says the incident is not considered a data breach because "there's no evidence that the information was accessed or used in any way," said Craig James, president of Highlands-Cashiers Hospital in a WLOS report.

More articles on data breaches:

University at Albany home to new cybersecurity, data breach research library
UMass faces class-action lawsuit for data breach
Northfield Hospital & Clinics reports data breach

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars