HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

AMCA Data Breach Total Nears 25M as Wisconsin Diagnostic Laboratories Confirms 115K Record Breach

The victim count from the American Medical Collection Agency (AMCA) data breach has risen to almost 25 million as yet another healthcare organization has announced it has been impacted by the breach.

Wisconsin Diagnostic Laboratories (WDL), a network of 13 medical testing facilities in and around Milwaukee, is notifying 114,985 patients that some of their protected health information was compromised in the AMCA data breach.

On June 3, 2019, AMCA informed WDL that some of its patients’ data had been compromised as a result of the hacking of a web payment portal. The hacker gained access to the payment page on August 1, 2018. The breach was detected on March 30, 2019 and unauthorized access was terminated.

The types of information in AMCA systems was limited to patients’ names, dates of birth, dates of service, names of lab or medical service providers, referring physician’s name, balances owed to WDL, and other medical information related the services provided by WDL. No Social Security numbers or lab test results were compromised in the breach. A limited number of individuals also had their financial information (credit card number/bank account details) compromised. Those individuals have been notified directly by AMCA.

Please see the HIPAA Journal Privacy Policy

3 Steps To HIPAA Compliance

Please see HIPAA Journal
privacy policy

  • Step 1 : Download Checklist.
  • Step 2 : Review Your Business.
  • Step 3 : Get Compliant!

The HIPAA Journal compliance checklist provides the top priorities for your organization to become fully HIPAA compliant.

The only patients affected by the breach were those that had outstanding bills that had been passed to AMCA for collection.

As has been the case with other clients impacted by the breach, WDL has ceased doing business with AMCA and has taken steps to ensure that all patient data held by the company is retrieved and secured.

WDL is the 23rd healthcare organizations to confirm it has been affected by the AMCA data breach. Provisional figures indicate 24,911,500 individuals have been impacted by the breach.

Companies Affected by the AMCA Data Breach

Healthcare Organization Estimated Records Exposed Confirmed Victim Count (OCR)
1 Quest Diagnostics/Optum360 11,900,000 11,500,000
2 LabCorp 7,700,000 10,251,784
3 Clinical Pathology Associates 2,200,000 1,733,836
4 Carecentrix 500,000 467,621
5 American Esoteric Laboratories 541,900 409,789
6 Inform Diagnostics 173,617 173,617
7 Laboratory Medicine Consultants 147,600 140,590
8 Wisconsin Diagnostic Laboratories 114,985 114,985
9 Austin Pathology Associates 46,500 43,676
10 Integrated Regional Laboratories 29,644 29,644
11 Penobscot Community Health Center 13,000 13,299
12 West Hills Hospital and Medical Center / United WestLabs 10,650 10,650
13 Seacoast Pathology, Inc 10,000 8,992
14 Arizona Dermatopathology 7,000 5,903
15 Western Pathology Consultants 4,550 4,079
16 Natera 3,000 3,035
17 Sunrise Medical Laboratories 427,000 TBC
18 BioReference Laboratories/Opko Health 422,600 TBC
19 CBLPath Inc. 148,900 TBC
20 CompuNet Clinical Laboratories 111,000 TBC
21 South Texas Dermatopathology LLC 16,100 TBC
22 Pathology Solutions 13,300 TBC
23 Laboratory of Dermatology ADX, LLC 4,240 TBC
Total Records Breached 24,545,586 24,911,500

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.