Hospice patients of FRHS impacted by Email Breach
Frederick Regional Health System (FRHS), based in Frederick city of Maryland, is notifying hospice patients about a possible data breach, after it became victim of a phishing attack. The Maryland-based Health System has discovered that Protected Health Information (PHI) of some hospice patients was possibly been accessed by the unauthorized individuals due to a phishing attack.
The officials first learned about this unauthorized access to an email account of an employee via phishing on Jan. 21, 2019. The unauthorized person's access to the employee email account was immediately terminated, and the officials began an investigation.
An analysis of that compromised email account revealed that emails as well as attachments contain patient information such as patient names, health insurance type, and health insurance numbers. For some of the patients, the compromised email account may also contain Social Security numbers.
This breach incident didn't affect all the patients of Frederick Regional Health System or all the Hospice patients. Only some patients receiving the hospice services in between Jun. 2017 and Jan. 2019 from the Frederick Regional Health System were affected by this breach.
No indication of misuse of any PHI has been found but, still as a precaution, the Frederick Regional Health System mailed letters to the affected patients on Mar. 18, 2019, and also established a call center particularly for answering any questions the patients may have in this regard. The Maryland-based Health System also recommends that the affected patients should review their statements received from their respective health insurers. In case they see any services that they didn't receive, then they should immediately contact their insurer.
Moreover, Frederick Regional Health System is further offering complimentary identity theft protection and credit monitoring services for 1 year to the affected patients.
The HHS' Office for Civil Rights (OCR) breach portal shows that 760 patients of Frederick Memorial Hospital were affected by this breach.
"We deeply regret any inconvenience or concern this incident may cause our patients. Frederick Regional Health System has dedicated multiple resources to cybersecurity over the years because we know the healthcare industry is a target," the officials said in their notification. The officials added that "we will continue to implement additional security enhancements and conduct further email training with our staff".
» SPAMfighter News - 15-04-2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!