The Wedge Recovery Centers, a mental health service provider based in Philadelphia, Pennsylvania, discovered suspicious activity within the computer network on June 25, 2021 which indicated unauthorized individuals had breached the security defenses. Steps were immediately taken to block further access and an investigation was launched to determine the nature and scope of the breach.
The investigation confirmed an unauthorized actor had gained access to its network on June 25, 2021; however, no evidence was uncovered during the course of the investigation to suggest any individual’s information had been subjected to actual or attempted misuse as a result of the security breach.
A comprehensive review was conducted of all data potentially affected and that process is ongoing; however, it has now been confirmed that the following types of information were stored in files on parts of the network that were compromised: Name, address, date of birth, Social Security number, and treatment and health insurance information.
The Wedge Recovery Centers have implemented additional technical security safeguards to prevent further incidents of this nature and policies and procedures are being reviewed and enhanced to further improve privacy and security.
All individuals affected by the security breach are being notified by mail and have been advised to remain vigilant against identity theft and fraud and to review their account statements, explanation of benefits statements, and free credit reports for signs of suspicious activity or errors.
The breach has recently been reported to the Department of Health and Human Services’ Office for Civil Rights as affecting 29,000 individuals.
The post Philadelphia Mental Health Service Provider Breach Affects 29,000 Patients appeared first on HIPAA Journal.