North Ottawa Medical Group Notifies 22,000 of Bizmatics Breach
North Ottawa Medical Group (NOMG) has notified 22,000 of its patients that they have been impacted by a malware infection that was discovered by its EMR management company, Bizmatics. NOMG joins a long list of organizations that have been impacted by the breach.
The latest announcement takes the total number of patients affected by the security breach to over 265,000 individuals. The data potentially exposed as a result of the malware infection on Bizmatics’ server include patients’ names, addresses, health visit data, treatment information, health insurance information, and in some cases, Social Security numbers. The last four digits of payment cards could potentially also have been exposed.
Patients affected by the breach had previously sought medical services at NOMG’s Internal Medicine, Family Practice, or Women’s Health physician practices.
The investigation into the security incident conducted by Bizmatics did not uncover evidence to suggest that patient data had in fact been accessed by unauthorized individuals. The company also could not confirm whether the malware was installed on the server in order to gain access to patient health data, although the possibility could not be ruled out.
Because there is a risk that patient data were accessed and could be used inappropriately, NOMG has offered affected patients a year of credit monitoring services without charge.
Uncommon Care Reports Network Server Hacking Incident
Uncommon Care, an Angier, North Carolina-based provider of urgent and primary care has also reported a potential data breach to the Office for Civil Rights that has impacted 13,674 patients. The breach involved the hacking of a network server. A substitute breach notice has not been placed on the organization’s website, so the specifics of the cyberattack are currently unknown.
However, there is a high probability that Uncommon Care is also a victim of the malware attack on Bizmatics. As with the other healthcare organizations impacted by the cyberattack on San Jose-based Bizmatics, Uncommon Care uses the PrognoCIS EMR management tool.