July 4, 2018
Med Associates, the health billing firm, situated in Latham, NY-based, which provides claims facilities to more than 70 healthcare suppliers, has found that a worker’s computer has been logged onto by an illegal person.
It is possible that the hacker got the protected health information of up to 270,000 clients by way of the undermined appliance.
Strange activity was observed on a staff member’s computer on March 22, 2018, resulting in an inquiry by the information technology division. Further inquiry by a third-party computer forensics company established that the machine had been distantly logged on by an illegal person.
The inquiry brought to light that the HIPAA violation happened on the same day that the strange activity was seen. After recognizing the breach, access to the computer was disabled.
Med Associates and the computer forensics company did not find any evidence to indicate that any information accessible by way of the computer was retrieved by the hacker and neither have any reports been submitted to indicate any protected health information has been incorrectly used. All patients having an effect by the breach have now been communicated and have been offered one year of credit checking as well as identity theft protection facilities for free of charge.
The bulk of people affected by the breach reside in the Capital Region, even though about 1,700 people in Florida, Massachusetts, and Vermont have also been affected.
With the bulk of the patients impacted, the breach was limited to names, dates of service, health insurance information, dates of birth, addresses, diagnosis, and procedure codes, even though a small number of Social Security numbers were also obtainable through the machine.
As reported in TimesUnion, Med Associates presented a breach report to the Division of Health and Human Services’ Office for Civil Rights (OCR) on June 14, 2018.