Penobscot Community Health Center patients affected by the AMCA Breach
AMCA (American Medical Collection Agency) notified the Penobscot Community Health Center (PCHC) on May 15 of the current year that PHI (Protected Health Information) of around 13,000 PCHC patients had possibly been compromised due to the unauthorized access in the AMCA systems that occurred between Aug. 1, 2018, and Mar. 30, 2019.
PCHC, a non-profit health center of Bangor city in Maine, has hired AMCA for the billing collection services. So, some patient accounts of PCHC were sent to the AMCA for the debt collection. AMCA was also provided with PHI for those patients whose accounts were sent to the AMCA for the debt collection, so as to provide the billing collection services. In each of this case, the information that was revealed to AMCA was limited to minimum necessary amount.
In a security notice, PCHC said that "PCHC values the privacy and confidentiality of its patients' information. Regrettably, this notice is regarding the American Medical Collection Agency (AMCA) incident, which you may have recently heard about in the news or about which you recently received notice by letter". On Jul. 12, 2019, the PCHC started notifying their impacted patients regarding the data breach incident that was caused because of the AMCA incident. It is also requesting the impacted patients to monitor carefully their account statements. Besides, the impacted patients will also receive 24 months of complementary identity theft protection and credit monitoring services.
The compromised information contains the patients' names, referring medical provider name, dates of birth, as well as other medical information about services received at the PCHC. Some of the patients' credit card information was also stored in the AMCA systems. However, AMCA has confirmed that no diagnosis, treatment information, or health records were affected by this incident.
The PCHC has already terminated their business relationship with the AMCA, and is at present attempting to retrieve as well as secure all the patient information that was contained in the AMCA systems.
PCHC said that "PCHC deeply regrets any concern or inconvenience this incident may cause our patients. PCHC has since ceased doing business with AMCA and is taking steps to retrieve and secure all PCHC information contained in AMCA's systems".
» SPAMfighter News - 8/12/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!