Intermountain Healthcare affected person knowledge breached in ‘safety incident’

Intermountain Healthcare introduced on Friday {that a} knowledge safety occasion affecting a enterprise affiliate had made protected well being data accessible to unauthorized people.  

The incident affected 4 specialty clinics in southern Nevada, stated officers from the Salt Lake Metropolis-based well being system. Neither its services in Utah and Idaho nor its systemwide data had been affected.  

“Intermountain Healthcare deeply regrets that this matter occurred and sincerely apologizes for any inconvenience or concern it could have prompted,” stated the well being system in a press launch.   

WHY IT MATTERS  

The breach occurred by way of an incident with Intermountain’s enterprise affiliate, the most cancers software program vendor Elekta.  

In mid-Could, stated Intermountain, Elekta knowledgeable the well being system {that a} server with some knowledge referring to its sufferers was affected in a safety incident. This incident meant that some protected well being data saved on the impacted methods had been made accessible to unauthorized folks between April 6 and April 20.    

“Upon receiving this notification, Intermountain Healthcare instantly labored with Elekta and others to verify the character and scope of the info at challenge, together with whether or not and the way it associated to sufferers of Intermountain Healthcare,” learn an announcement from Intermountain.  

Though Intermountain couldn’t verify whether or not dangerous actors really seen or accessed any particular data, Elekta discovered that the info current on its affected methods included affected person names and scanned picture information.   

These information may have included medical photos and data on medical consumption kinds, in addition to affected person Social Safety numbers, dates of start, demographic data, insurance coverage playing cards and different identification playing cards.   

Monetary and cost data was not concerned, and Intermountain says there may be presently no proof of misuse.   

Intermountain didn’t report what number of of its sufferers had been affected. Nonetheless, the identical incident affected 200,000 Northwestern sufferers, in addition to people at dozens of different well being methods.  

“Intermountain Healthcare takes this incident and the safety of the data of their care very significantly. Elekta migrated Intermountain Healthcare’s knowledge to a new-generation cloud system as a part of Elekta’s dedication to safeguarding buyer knowledge,” learn the corporate assertion.  

THE LARGER TREND  

Elekta has not but revealed specifics in regards to the nature or scope of the assault, however the incident – which additionally took most cancers remedies at some hospitals offline earlier this 12 months – exemplifies the ways in which well being system networks could be left weak by way of enterprise associates.  

In truth, a report printed in February 2021 discovered that nearly three-quarters of the variety of breaches reported to HHS within the final six months of 2020 had been tied to third-party enterprise associates.  

ON THE RECORD  

“As a part of Intermountain’s ongoing dedication to guard the data in our care, Intermountain is working to evaluate our present insurance policies and procedures as they pertain to third-party distributors and dealing with Elekta to guage further measures and safeguards to higher shield towards the sort of incident sooner or later,” stated an Intermountain official.

 

Kat Jercich is senior editor of Healthcare IT Information.
Twitter: @kjercich
E mail: [email protected]
Healthcare IT Information is a HIMSS Media publication.

Source link

Previous post Inspiring Olympic Physiques
Next post 9 Hacks That Make Calorie Counting A Breeze