UPMC Hospital experiences data breach

 

A data breach led to the inappropriate access of at least 1,200 Williamsport, Pa.-based UPMC Susquehanna patients' information, the hospital said in a statement Friday.

UPMC Privacy Officer David Samar said officials first learned of the breach Sept. 21 after an employee reported suspicious activity to the information technology staff.

Hospital administrators determined the information -- names, dates of birth, contact information and Social Security numbers -- was accessed through a phishing attack. Mr. Samar said officials cannot confirm if the information has been used for improper purposes.

The hospital has reportedly notified HHS and sent letters notifying affected patients. UPMC Susquehanna has also provided patients with information about how to place fraud alerts on their files with three major credit-reporting agencies and supplied patients with links to additional identity protection resources.

Officials set up a toll-free telephone line for patients to call and share their concerns.

UPMC officials have completed a comprehensive review of the incident and will update current procedures to better secure patient information, according to the notice. Those measures include additional staff education, employment screening and other best practices.

Source: Becker's Hospital Review (View full article)

Posted by Dan Corcoran on November 20, 2017 07:23 AM

Printer friendly Printer friendly

Post a comment