Nearly 2,250 patients of Vincent Vein Center in Grand Junction, Colorado, may have had their information compromised when a third-party business associate had its data servers hacked.
Vincent was using a tool from Bizmatics to help operate its electronic health record management and practice management, according to its announcement on the breach. The attack on the vendor led to hackers having access to all customer records.
The center adds that information accessible includes patients’ entire medical records, with data on their medical visits and treatment, as well as names, addresses and health insurance information.
Vincent added in the announcement that Bizmatics says there is no evidence currently that the records were actually access or shared.
“VVC is examining Bizmatics’ practices and determining whether a continued relationship with Bizmatics is appropriate. VVC will make every attempt to prevent further breaches,” the organization says.
Overall, up to 150,000 patients may have been impacted by the attack on Bizmatics’ server. That includes tens of thousands of patients of Eye Associated of Pinellas, as well as more than 19,000 patients of Patient Treatment Centers of America (PTCOA) and Interventional Surgery Institute (ISI).