Cook County Health and Hospices Organization, a health organization consisting of two hospices and over a dozen community health facilities in Illinois, has warned patients to a breach of their PHI.
The breach happened at Experian Health, a BA of Cook County Health and Hospices Organization. Experian Health is hired to decide insurance entitlement and the partial patient information is disclosed to the BA for this goal.
The breach happened in March 2017 in the course of an update of a computer system of Experian Health. The PHI of 727 patients was inadvertently transmitted to other healthcare organizations. The PHI disclosed was limited and didn’t contain the kinds of information required by cybercriminals to carry out identity thievery.
Because of the limited disclosure of Protected Health Information, and the truth that the info was transmitted to companies protected by HIPAA Laws, the danger to patients is expected to be little. Up till now, Experian Health hasn’t been informed of any illegal uses of the disclosed info. The breach was restricted to patients’ names, dates of birth, medical record numbers, and account numbers.
After the discovery of the breach, Experian Health took measures to regain and safeguard the disclosed info and measures have been taken to avoid similar happenings from disclosing the Protected Health Information of patients. Cook County Health and Hospices Organization also reexamined the breach and is contented with the steps undertaken by Experian Health to avoid similar breaches from taking place in the time to come.
Cook County Health and Hospices Organization were informed of the breach on August 1, 2017 and an additional breach notice was posted on the health system’s site on October 2, 2017. All patients affected by the breach have now been informed by post and a breach statement has been presented to the Division of Health and Human Services’ OCR.