25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Integrated Health Solutions Notifies 20K Patients of EHR Breach

Posted By on Jun 2, 2016

Easton, Pennsylvania-based healthcare provider Integrated Health Solutions P.C., has notified 19,776 of its patients that their protected health information may have been accessed by a hacker.

The sleep medicine specialists were informed of a security breach by EHR vendor Bizmatics on March 30, 2016. Bizmatics was unable to confirm whether Integrated Health Solutions patient data had been viewed or copied by the unauthorized individual who gained access to its servers, but the company was unable to rule out the possibility. Patients’ names, addresses, health information, and Social Security numbers were stored on the compromised server.

Bizmatics provides EHR/EMR software solutions to approximately 15,000 healthcare providers in the United States. The company has not disclosed exactly how many of its clients were affected by the breach, although a number of healthcare providers have now issued breach notifications to patients and have informed the Department of Health and Human Services’ Office for Civil Rights of the breach.

Florida-based Eye Associates of Pinellas appears to be the worst affected, having been informed that as many as 87,314 of its patients have potentially been affected. A number of other healthcare providers have had to inform thousands of their patients of the potential accessing of their PHI.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

It is too early to tell exactly how many patients in total have been affected by the security breach, although the figure is certainly in the hundreds of thousands, making it one of the largest healthcare data breaches reported in 2016.

According to breach notices issued by other victims of the Bizmatics breach, access to the company’s servers was believed to have first occurred in early 2015, although neither Bizmatics, the computer forensics company contracted to investigate the breach, nor law enforcement have been able to determine exactly when access was first gained. Bizmatics discovered the breach in late 2015.

According to the breach notice issued by Integrated Health Solutions, the company is working with its vendor to ensure that the incident is addressed and has reassured patients that data security protections will be reviewed to reduce the probability of a recurrence of the breach.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist