25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Hacker Gains Access to Records of 4,668 Princeton Pain Management Patients

Posted By on Feb 8, 2017

Princeton Pain Management, a healthcare provider specializing in the management of chronic pain, has reported a hacking incident has impacted 4,668 of its patients.

The breach affects individuals who visited its medical centers in New Jersey, Pennsylvania, and New York for treatment.

It is not known for how long the hacker had access to Princeton Pain Management’s systems, although the breach was discovered on November 28, 2016. Upon discovery of the breach, a cybersecurity firm was retained to conduct a thorough forensic investigation to determine how access to its systems had been gained, the types of information that were potentially accessed, and which patients were impacted. An internal investigation into the breach was also launched.

The investigation revealed that a wide range of sensitive electronic protected health information (ePHI) had potentially been accessed, including names, telephone numbers, addresses, birth dates, Social Security numbers, driver’s license numbers, Medicare numbers, government identification numbers, diagnostic information, treatment information, and medical and health insurance identifiers.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Princeton Pain Management responded to the breach by conducting a review of its security processes and systems. The security review identified a number of areas where protections could be improved. System security has now been enhanced to prevent similar data breaches from occurring in the future.

The incident has now been reported to the Department of Health and Human Services’ Office for Civil Rights and affected patients have been notified of the breach.

So far in 2017, seven healthcare hacking/IT incidents have been reported to OCR. Hacking/IT incidents account for 29% of all healthcare breaches reported so far this year.

The main cause of healthcare data security incidents in 2017 is unauthorized access/disclosure. 10 incidents have been reported: 42% of the year-to-date total.

The year may be young, but 24 incidents have already been reported to OCR in 2017. Those incidents have impacted 151,970 healthcare patients and health plan members.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist