Dedicated to providing the latest
HIPAA compliance news

Surgeon General Warns Employees of Personal Information Breach

Share this article on:

Another federal agency has experienced a breach of personal information. This time, the data of current, former, and retired members of the United States Public Health Service Commissioned Corps has been compromised.

The Commissioned Corps is tasked with providing medical services to underserved populations as well as promoting, protecting, and advancing the health and safety of the nation, including disease control, and ensuring drugs and medical devices are safe and effective.

The Commissioned Corps., includes around 6,600 medical professionals including physicians, surgeons, therapists, pharmacists, dentists, and nurses. At this stage it is unclear exactly how many of those individuals – and former and returned members – have been affected by the breach.

The security incident is currently under investigation, although employees have been notified by email of the breach by Surgeon General Vice Adm. Vivek H. Murthy. “Based on our investigation, affected individuals are those served by this website-based system: current, retired, and former Commissioned Corps officers and their dependents.”

According to the Washington Post, the Commission learned of the breach on September 20. A system used to “process payroll, leave, time, attendance, and other functions” appears to have been accessed by unauthenticated users. The website portal that was breached has been taken offline while the investigation is conducted and will likely remain down until the investigation has been completed.

Employees have been warned to be alert to potential misuse of their data and have been advised to obtain a credit report. Karen B. DeSalvo, HHS Acting Assistant Secretary for Health has suggested affected individuals may be offered credit monitoring services, although not at this stage.

At this moment in time efforts are being directed to learning more about the breach, how access was gained to data, and what measures can be implemented to prevent future attacks. DeSalvo has indicated further information will be provided to affected employees as and when it becomes available.

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On