HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

PHI of 57,000 Patients Potentially Compromised in TriValley Primary Care Cyberattack

Perkasie, PA-based TriValley Primary Care has started notifying 57,596 patients that some of their personal and protected health information has potentially been compromised.

Suspicious activity was detected in its IT environment on October 11, 2021. Steps were immediately taken to secure its systems and prevent further unauthorized access, and third-party forensic experts were engaged to conduct an investigation to determine the nature and scope of the cyberattack.

The investigation into the breach concluded on November 4 and while no evidence of actual or attempted misuse of patient data was identified, unauthorized access and potential theft of protected health information could not be ruled out. As such, affected patients have been advised to be vigilant against identity theft and fraud, and complimentary credit monitoring services have been provided to affected individuals.

A review of the files on the affected systems confirmed the following types of patient data may have been compromised: First and last name, gender, home address, phone number, email address, date of birth, Social Security number, health insurance policy/group plan number, group plan provider, claim information, medical history, diagnosis, treatment information, dates of service, lab test results, prescription information, provider name, medical account number, and other information contained in medical records.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

TriValley Primary Care said it is working with cybersecurity experts to improve its cybersecurity policies, procedures, and protocols to reduce the risk of further data breaches and the workforce is being provided with additional cybersecurity training.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.