After breaches, 2 providers take different routes with patients
Two more healthcare organizations have reported cyber attacks that resulted in unauthorized access to patient information, but the providers took decidedly different approaches in offering protective services to affected individuals.
Princeton Pain Management in Plainsboro, N.J., discovered on Nov. 28, 2016, that a third party gained unauthorized access to its computer system, and the information at risk involved some 4,668 patients.
Compromised health information included names, addresses, telephone numbers, dates of birth, Social Security or Medicare numbers, driver license or government identification numbers, insurance information, and diagnostic and treatment information.
Despite the sensitivity of much of the data involved in the breach, the organization’s announcement did not include an offer of credit or identity protection services.
Princeton Pain Management, which used its announcement to provide patients with information on how to protect themselves, did not respond to a request for additional information on the incident or its response.
Also See: The 15 top HIT stories of 2016
Six-hospital Verity Health System in California is notifying more than 9,000 individuals after protected health information was accessed by an unauthorized person. On Jan. 6, 2017, the organization detected the hack of its Verity Medical Foundation-San Jose Medical Group web site that is no longer being used. Access was found to have originated between October 2015 and January 2017.
Compromised patient information included names, dates of birth, medical record numbers, home addresses, email addresses, phone numbers and the last four digits of credit card numbers. Social Security numbers and full credit card information was not being compromised, the organization says.
Verity Health System is offering one year of credit monitoring services. The organization did not respond to a request for additional information on the breach or remediation efforts.