Dedicated to providing the latest
HIPAA compliance news

3,365 Patients’ Billing Records Potentially Stolen by Hacker

Share this article on:

Atlanta-based Skin Cancer Specialists, P.C., has announced a data security incident has been discovered that has resulted in the exposure of the billing records of 3,365 patients.

An unauthorized individual was discovered to have gained access to the healthcare provider’s system on October 15, 2016, with the intrusion detected on February 2, 2017.

The system contained the billing records of 3,365 patients. Those records included patients’ names, addresses, telephone numbers, dates of birth, medical record numbers, physician information and health insurance details. Financial information and Social Security numbers were not viewed or obtained by the attacker.

Skin Cancer Specialists hired a cybersecurity firm to conduct a thorough investigation into the breach to determine how access was gained. Action has now been taken to secure its systems to prevent further cyberattacks.

No evidence of inappropriate use of the billing records was uncovered during the investigation, although patients have been advised to check their explanation of benefits statements for any sign of fraudulent use of their health insurance information. Patients were notified of the breach by mail on April 3, 2017.

Healthcare Hacking Incidents Have Increased by 26% in 2017

2016 was a particularly bad year for healthcare data breaches, with more reported breaches of patient health records than in any other year since the Department of Health and Human Services’ Office for Civil Rights started publishing data breach summaries on its ‘Wall of Shame’.

However, 2017 looks set to be even worse. Healthcare hacking incidents have increased in 2017, with 26% more incidents discovered during the first three months of 2017 than in the corresponding period in 2016.

Up to March 31, 2017, OCR received reports of 24 healthcare hacking/IT incidents, resulting in 811,343 healthcare records being exposed or stolen. 10 of those incidents have been reported in the past 30 days.

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On