Subcontractor Error Exposes 3,100 Alabama Patients' Medical Data

Decatur, Ala.-based PracMan, a billing company utilized by many Alabama physicians, has announced a subcontractor caused a data breach that exposed the personal and health information of 3,100 patients.

On Jan. 10, PracMan learned an IT subcontractor copied and stored computer files from a PracMan computer to an unsecured server in August 2013. The error occurred when the subcontractor was repairing a PracMan computer.

The patient information stored on the server was showing up in search engine results pages. After learning of the data breach, PracMan immediately had the patients' information deleted from the unsecured server and worked with the subcontractor to remove links to the data on search engine results pages. 

The files stored on the unsecured server contained affected patients' names, account numbers, addresses, telephone numbers, dates of birth, dates of services and insurance policy numbers. Some files also included medical information, and 69 patients' Social Security numbers were saved to the server.

"We go to great lengths to maintain the security of patient data, and we take that responsibility very seriously," said Julian Price III, president of PracMan, in the news release. The company has worked with its subcontractor to "understand fully how the breach occurred to ensure this does not happen again," he said. 

For those patients whose Social Security numbers and dates of birth were exposed, PracMan is providing one year of free credit monitoring.

More Articles on Data Breaches:

5 Ways to Improve Hospital Data Security
Palomar Health Data Breach Affects 5,000 Patients
CHI's Franciscan Medical Group Suffers Data Breach Caused by Phishing Scam 

© Copyright ASC COMMUNICATIONS 2018. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months