HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

3,365 Patients’ Billing Records Potentially Stolen by Hacker

Atlanta-based Skin Cancer Specialists, P.C., has announced a data security incident has been discovered that has resulted in the exposure of the billing records of 3,365 patients.

An unauthorized individual was discovered to have gained access to the healthcare provider’s system on October 15, 2016, with the intrusion detected on February 2, 2017.

The system contained the billing records of 3,365 patients. Those records included patients’ names, addresses, telephone numbers, dates of birth, medical record numbers, physician information and health insurance details. Financial information and Social Security numbers were not viewed or obtained by the attacker.

Skin Cancer Specialists hired a cybersecurity firm to conduct a thorough investigation into the breach to determine how access was gained. Action has now been taken to secure its systems to prevent further cyberattacks.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

No evidence of inappropriate use of the billing records was uncovered during the investigation, although patients have been advised to check their explanation of benefits statements for any sign of fraudulent use of their health insurance information. Patients were notified of the breach by mail on April 3, 2017.

Healthcare Hacking Incidents Have Increased by 26% in 2017

2016 was a particularly bad year for healthcare data breaches, with more reported breaches of patient health records than in any other year since the Department of Health and Human Services’ Office for Civil Rights started publishing data breach summaries on its ‘Wall of Shame’.

However, 2017 looks set to be even worse. Healthcare hacking incidents have increased in 2017, with 26% more incidents discovered during the first three months of 2017 than in the corresponding period in 2016.

Up to March 31, 2017, OCR received reports of 24 healthcare hacking/IT incidents, resulting in 811,343 healthcare records being exposed or stolen. 10 of those incidents have been reported in the past 30 days.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.