Last Day | FREE 2023 Study Guide + Practice Exam(s) with 2-Attempt Exam  Purchase | Learn More

Hacks Breach Hospital Chain's PHI Data

What is believed to be Chinese hackers seeking intellectual property instead hacked non-medical identification data of 4.5 million patients visiting physicians associated with Community Health Systems hospitals, the chain said in an SEC statement. The chain, which boasts affiliation with 206 hospitals in 29 states, says it believes the hackers were looking for medical device and equipment development data.
The company says personal health information (PHI) data stolen included patients’ names, Social Security numbers, physical addresses, birthdays, and telephone numbers.They did not steal information related to patients’ medical histories, clinical operations, or credit cards, and the FBI says it is working with Community Health Systems to identify the hackers and protect the data.
As a HIPAA violation, the company said in its SEC statement, the offending malware has been eliminated from its computer systems. It plans to offer identity theft protection to the 4.5 million victims of the breach.
Hacks of PHI comprise less than 10 percent of breaches reported to the federal Office for Civil Rights at the Department of Health & Human Services, but they can be significant and costly. In 2012, the Utah Department of Technology Services’ servers were breached, exposing three quarters of a million records of Utah Medicaid and Children’s Health Insurance program beneficiaries; the Salt Lake Tribune reported the state paid $3.4 million directly and forced another $5.6 million of improvements to prohibit another breach.

Brad Ericson
Latest posts by Brad Ericson (see all)

About Has 336 Posts

Brad Ericson, MPC, CPC, COSC, is a seasoned healthcare writer and editor. He directed publishing at AAPC for nearly 12 years and worked at Ingenix for 13 years and Aetna Health Plans prior to that. He has been writing and publishing about healthcare since 1979. He received his Bachelor's in Journalism from Idaho State University and his Master's of Professional Communication degree from Westminster College of Salt Lake City.

Comments are closed.