PHI of Veterans with PTSD Potentially Compromised in OSU Data Breach

Share this article on:

An Ohio State University (OSU) pilot program to help veterans recover from Post Traumatic Stress Disorder (PTSD) and other mental health issues was breached and the personal information of patients has been compromised, according to a recent NBC4 Investigates Report.

The (OSU) Veterans Neuromodulation Operation Wellness (NOW) pilot program was shut down permanently on June 15, 2021, but prior to the closure, a data breach occurred. OSU explained in its notification letters to affected individuals that the breach was detected on April 24, 2021, and occurred between January 25, 2021, and March 4, 2021.

NBC4 Investigates spoke with one veteran who received a June 14, 2021, notification letter from the Office of Compliance and Integrity informing him that his name, address, Social Security number, and medical history may have been compromised. It is currently unclear how many individuals have been affected by the breach.

The Veterans Now Program was paused in March 2021 for a week, with the program’s lead doctor placed on leave. The program was then re-started without the lead doctor but was shut down permanently on June 15, 2021. An OSU spokesperson said the shutdown was due to noncompliance issues. It is unclear whether those noncompliance issues were related to the data breach.

Physicians Dialysis Reports Potential PHI Breach

Physicians Dialysis is alerting certain patients that some of their protected health information has potentially been compromised as a result of a security breach.

Unusual activity was detected in its systems on March 21, 2021 and independent cybersecurity experts were engaged to assist with the investigation to determine the nature and scope of the breach. That investigation revealed unauthorized access to a database containing the protected health information of current and former patients, including names, addresses, birth dates, medical information, Social Security numbers, health insurance information, and claims information.

It took until June 22, 2021, to identify affected individuals and verify contact information. Notification letters were sent to affected individuals on June 25, 2021.

Individuals whose Social Security number was compromised have been offered complimentary credit monitoring services through IDX. Since the breach was discovered, Physicians Dialysis has implemented additional security measures to prevent similar breaches in the future.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.

Share This Post On