Ambulatory practice vendor Bizmatics reveals it was hacked
An unknown number of providers are affected after the hacking of Bizmatics Inc., a vendor of ambulatory care software and revenue cycle management services.
Bizmatics, in business for more than 15 years and serving 15,000 medical professionals according to its Web site, offers locally hosted and cloud-hosted systems.
Complete Family Foot Care in Lincoln, Neb., is one of the victims and has mailed an initial notice to patients—with a formal HIPAA notice now being mailed—and is offering one year of identity protection services from IdentityForce.
Bizmatics and the practice conducted an investigation to determine which patients may have been affected, but they still don’t really know, the notice from the foot care practice explains.
“Unfortunately, we cannot determine at this time which, if any, of our patients’ files might have been accessed. Bizmatics’ servers contain a large number of patient files from a large number of healthcare providers; it may well be that none of our patients’ files were accessed or compromised in any way. Nevertheless, because of the risk that your information might have been viewed, we think that it is important that you are informed regarding the incident.”
Compromised protected health information may have included names, addresses, Social Security numbers, health insurance numbers, diagnoses and treatments. Credit/debit cards and financial information were not affected at Complete Family Foot Care. The breach occurred sometime in 2015, and the practice was notified in January 2016.
It is not yet clear if all patients potentially affected by the Bizmatics breach will receive protective services, or only those who believe they have become a victim of ID theft. Bizmatics and Complete Family Foot Care did not immediately response to a request for additional information. The HHS Office for Civil Rights also did not respond to a request for information.