Hospital breach exposes more than 405,000 records

Bryan, Texas- based St. Joseph Health System is notifying patients and employees that more than 405,000 records were exposed during a two-day data security attack in mid-December.

The attack on a server began Dec. 16 and was discovered Dec. 18 by St. Joseph IT employees, who immediately took the server offline. Tim Ottinger, vice president for the regional health system, told The Eagle that the attack has been traced to China and reported to the FBI.

The exposed records included names, Social Security numbers, dates of birth, patient medical records and possibly addresses. For some affected employees, bank account information was also accessible, the hospital said in a statement on its website.

Forensic investigators were unable to determine whether the hackers extracted any of the data, but all those affected are being offered one free year of identity protection services.

The breach was the fourth largest in the past year, according to the U.S. Department of Health & Human Services' "wall of shame," which has been busy in the past month with more than 70 health data breach incidents added in January.

The number of personal health records breached rose by 138 percent in 2013, according to a report from IT security audit firm Redspin. The theft of four desktop computers from Downers Grove, Ill.-based Advocate Medical Group was the largest breach, with more than 4 million records exposed.

Most health IT executives said they feel unprepared for data breaches in a new survey from MeriTalk.

At the same time, a ruling from the Federal Trade Commission last month could mean healthcare organizations could be dinged for a breach by that agency, as well as the HHS Office for Civil Rights.

"I think the FTC is going to become a more active player where enforcement is concerned," Jeff Smith, director of federal relations for the College of Healthcare Information Management Executives, told FierceHealthIT.

To learn more:
- find the hospital's statement
- read The Eagle story

Free Webinar

Take Control of Your Escalating Claim Costs through a Comprehensive Pre-payment Hospital Bill Review Solution

Today managing high dollar claim spend is more important than ever for Health Plans, TPAs, Employers, and Reinsurers, and can pose significant financial risks. How can these costs be managed without being a constant financial drain on your company resources? Our combination of the right people and the right technology provides an approach that ensures claims are paid right, the first time. Register Now!

Suggested Articles

A three-way deal between UpHealth, Cloudbreak, and a blank check company has created a new public digital health company valued at $1.35 billion.

By being proactive and using predictive models that target the most at-risk populations, payers can identify members who need help and intervene.

On the heels of its partnership with Cerner, Well Health scored a major funding round and announced that a Haven executive has joined its team.