The Wolfe Eye Clinic in Marshalltown, IA, has reported a data breach that “may have resulted in unauthorized access to the sensitive personal information of some of our patients.”
The clinic reported to the U.S. Department of Health and Human Services that data for 542,776 individuals was affected. The breach involves Eye Care Leaders, provider of the myCare Integrity electronic medical record platform.
SC Media reports that the breach brings the total number of patients affected by the nationwide breach to nearly 3.6 million.
The breach took place in December.
“Notably, there was no evidence that this incident involved unauthorized access to any of Wolfe’s patient records,” Wolfe state on its website. “However, a lack of available forensic evidence prevented Eye Care Leaders from ruling out the possibility that some protected health information and personally identifiable information may have been exposed to the bad actor.”
More from Wolfe’s notice:
This incident has affected eye care practices across the country and is not specific to Wolfe. There is no evidence of any attempted or actual misuse of any personal information. However, out of an abundance of caution, Wolfe is notifying, via mail, any patient whose information may have been stored on the myCare Integrity system at the time of a data security incident, and providing resources to help protect potentially affected individuals. This data security incident occurred entirely within Eye Care Leaders’ network environment, and there were no other remedial actions available to Wolfe.
According to Eye Care Leaders, on or around December 4, 2021, an unauthorized party accessed myCare Integrity data and deleted databases and system configuration files. According to Eye Care Leaders, upon identifying the activity, Eye Care Leaders’ incident response team immediately stopped the unauthorized access and began investigating the incident. Notably, there was no evidence that this incident involved unauthorized access to any of Wolfe’s patient records. However, a lack of available forensic evidence prevented Eye Care Leaders from ruling out the possibility that some protected health information and personally identifiable information may have been exposed to the bad actor. As stated above, there was no evidence that this information was actually accessed by the bad actor.
What information was involved
As of this writing, Wolfe has not received any reports of identity theft related to this incident. However, in the interest of complete transparency, the information present during the period of unauthorized access may have included our patients’ name, address, date of birth, social security number, diagnostic information, and health insurance information.
What we are doing and what you can do
Please know that the protection and security of your personal information is our highest priority, and we sincerely regret any concern or inconvenience this matter may cause you. Wolfe is providing a toll-free number, 1-855-926-0784, Monday through Friday 8:00 a.m. to 5:30 p.m. Central Time, excluding all major U.S. Holidays, if any current or former patients have questions.
Wolfe sincerely regrets any inconvenience or concern that this matter may cause and remains dedicated to ensuring the privacy and security of all information in our control.
For more information
If you have any questions, please call Kroll at 1 (855) 926-0784, Monday through Friday, between 8 am and 5:30 pm CST for assistance.
The post 534K Eyecare Patient Records at Risk in Iowa Data Breach appeared first on INVISIONMAG.COM.