San Diego, CA-located Ron’s Pharmacy Facilities has noticed that a worker’s electronic mail account having limited PHI has been listed onto by an unidentified person.
Strange activity was noted on the worker’s electronic mail account on 3rd October 2017, leading to an inquiry; nevertheless, it wasn’t until December 21, 2017, that it was discovered that an illegal person had obtained emails in the electronic mail account that had patient info enclosed.
An inspection of the worker’s electronic mail account showed just a negligible volume of PHI was undermined: Names, payment adjustment info, and internal account numbers, although a small number of patients also had info concerning their recommended medicines accessed. Although the access to PHI was exposed, Ron’s Pharmacy hasn’t been made conscious of any abuse of patient info. Ron’s Pharmacy has currently informed patients concerning the breach and informed the event to the proper authorities.
In its alternate breach notification recorded on 2nd February 2018, Ron’s Pharmacy clarified that prompt measure was taken to safeguard the electronic mail account and avoid additional access. Login identifications were altered, and an external computer forensics experts company was engaged to carry out a complete examination to decide the type of the attack, its range, and the way access to the account was achieved.
Staff have received additional teaching and procedures and policies have been revised to fortify defenses versus future cyber attacks such as this.
The breach report transmitted to the Division of Health and Human Services’ OCR says that 6,781 people were affected by the HIPAA breach.