Perkasie, PA-based TriValley Primary Care has started notifying 57,596 patients that some of their personal and protected health information has potentially been compromised.
Suspicious activity was detected in its IT environment on October 11, 2021. Steps were immediately taken to secure its systems and prevent further unauthorized access, and third-party forensic experts were engaged to conduct an investigation to determine the nature and scope of the cyberattack.
The investigation into the breach concluded on November 4 and while no evidence of actual or attempted misuse of patient data was identified, unauthorized access and potential theft of protected health information could not be ruled out. As such, affected patients have been advised to be vigilant against identity theft and fraud, and complimentary credit monitoring services have been provided to affected individuals.
A review of the files on the affected systems confirmed the following types of patient data may have been compromised: First and last name, gender, home address, phone number, email address, date of birth, Social Security number, health insurance policy/group plan number, group plan provider, claim information, medical history, diagnosis, treatment information, dates of service, lab test results, prescription information, provider name, medical account number, and other information contained in medical records.
TriValley Primary Care said it is working with cybersecurity experts to improve its cybersecurity policies, procedures, and protocols to reduce the risk of further data breaches and the workforce is being provided with additional cybersecurity training.
The post PHI of 57,000 Patients Potentially Compromised in TriValley Primary Care Cyberattack appeared first on HIPAA Journal.