Skip to main content
Subscribe
  • Sign Up Free
  • Login
  • Subscribe
  • News
    • Current News
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • Digital Health
    • Transformation
    • ESG
    • People
    • Regional News
    • Digital Edition (Web Version)
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Midwest
    • Northeast
    • South
    • West
  • Blogs
    • AI
    • Deals
    • Layoff Tracker
    • HIMSS 2023
  • Opinion
    • Breaking Bias
    • Commentaries
    • Letters
    • From the Editor
  • Events & Awards
    • Awards
    • Conferences
    • Galas
    • Virtual Briefings
    • Webinars
    • Nominate/Eligibility
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • Best Places to Work in Healthcare
    • Excellence in Governance
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top 25 Emerging Leaders
    • Top Innovators
    • Diversity in Healthcare
      • - Luminaries
      • - Top 25 Diversity Leaders
      • - Leaders to Watch
    • Women in Healthcare
      • - Luminaries
      • - Top 25 Women Leaders
      • - Women to Watch
    • Digital Health Transformation Summit
    • ESG: The Implementation Imperative Summit
    • Leadership Symposium
    • Social Determinants of Health Symposium
    • Women Leaders in Healthcare Conference
    • Best Places to Work Awards Gala
    • Health Care Hall of Fame Gala
    • Top 25 Diversity Leaders Gala
    • Top 25 Women Leaders Gala
    • - Hospital of the Future
    • - Value Based Care
    • - Hospital at Home
    • - Workplace of the Future
    • - AI and Digital Health
    • - Future of Staffing
    • - Hospital of the Future (Fall)
  • Multimedia
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Sponsored Video Series - One on One
    • Sponsored Video Series - Checking In with Dan Peres
  • Data & Insights
    • Data & Insights Home
    • Hospital Financials
    • Staffing & Compensation
    • Quality & Safety
    • Mergers & Acquisitions
    • Data Archive
    • Resource Guide: By the Numbers
    • Surveys
    • Data Points
  • Newsletters
  • MORE+
    • Contact Us
    • Advertise
    • Media Kit
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Cybersecurity
May 10, 2019 11:42 AM

Healthcare data breaches reach record high in April

Jessica Kim Cohen
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print

    Providers, health plans and their business associates reported 44 data breaches to the federal government last month.

    That's the highest number of healthcare breaches reported in a single month since HHS' Office for Civil Rights began maintaining its online database of healthcare breaches in 2010, surpassing the previous record—exactly one year ago, April 2018—when healthcare groups reported 42 breaches to the agency.

    In spite of the record number of incidents reported last month, April experienced a downtick in the number of people who had data exposed. Healthcare breaches reported in April compromised data from 686,953 people, down 29% from the 963,794 people affected by breaches reported in March. Two breaches reported in April each exposed data on more than 100,000 people.

    The largest breach, which compromised data on up to 206,695 people, involved a ransomware attack at Doctors' Management Service, a company that provides medical billing services to hospitals and physician practices. Doctors' Management Service reported the data breach to the OCR on April 22, two years after the incident began.

    The company said patients seen at 38 of its client locations may have had information comprised in the data breach.

    Doctors' Management Service said it first noticed technical issues with its computer network in December 2018. Upon investigation, the company discovered its server had been encrypted with GandCrab, a ransomware variant, and determined that an unauthorized user had accessed the network beginning in April 2017.

    The company said it restored its patient data through backups, and therefore did not pay any ransom.

    "On February 15, 2019, our forensic investigator reported that while the investigation could not determine whether personal health information was actually viewed or downloaded that type of activity could not be ruled out," Doctors' Management Service said in a notice signed by its CEO Timothy DiBona and posted to its website April 22.

    DiBona said that despite the unauthorized access beginning in 2017, the company had provided notice to affected providers within 60 days of its discovery of the incident, as required by the OCR.

    "The healthcare providers had an additional 60 days after receipt of notice from DMS to notify HHS," he added. "In this case, DMS agreed to notify HHS on behalf of the healthcare providers within the allotted 60-day period."

    The second-largest breach in April took place at Centrelake Medical Group, which operates a network of imaging facilities in southern California.

    In February, Centrelake Medical Group discovered its information system had been infected with a virus that restricted access to its files. As part of its investigation, the group found what it called "suspicious activity" on its network dating back to January and lasting until the virus infection in February, according to a notice posted online April 16.

    The affected servers housed files and software applications that contained information on up to 197,661 patients who visited Centrelake Medical Group.

    Doctors' Management Service and Centrelake Medical Group's data breaches represent the sixth- and seventh-largest breaches reported this year, respectively. Centrelake Medical Group had not responded to a request for comment at deadline.

    Nearly two-thirds of organizations—including Doctors' Management Service and Centrelake Medical Group—attributed breaches they reported in April to hacking or IT incidents. The remaining breaches resulted from theft, loss, improper disposal, or unauthorized access or disclosure of patient records.

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    cybersecurity
    Health insurance data breach exposes Congressional members' personal info
    cybersecurity-data-hacking_2_i.png
    Following alleged cyberattack, Tallahassee Memorial resumes some services
    Most Popular
    1
    CMS tries luring providers to revamped Medicare ACOs
    2
    Oregon joins other states in setting ratios for nurse staffing
    3
    Blue Shield CA taps Amazon, Mark Cuban, CVS for new PBM model
    4
    A health innovation hub grows in Lake Nona Medical City
    5
    Hospital-at-home providers push for Medicaid coverage
    Sponsored Content
    Digital Health Intelligence Newsletter: Sign up to receive a twice-weekly (T, F) morning newsletter featuring the latest reporting on technologies, trends, players and money fueling the rapid changes in how healthcare is developed, paid for and delivered.
    Get Newsletters

    Sign up for enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today
    MH Magazine Cover

    MH magazine offers content that sheds light on healthcare leaders’ complex choices and touch points—from strategy, governance, leadership development and finance to operations, clinical care, and marketing.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS

    Our Mission

    Modern Healthcare empowers industry leaders to succeed by providing unbiased reporting of the news, insights, analysis and data.

    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Help Center
    • Advertise with Us
    • Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2023. Crain Communications, Inc. All Rights Reserved.
    • News
      • Current News
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • Digital Health
      • Transformation
        • Patients
        • Operations
        • Care Delivery
        • Payment
      • ESG
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition (Web Version)
    • Blogs
      • AI
      • Deals
      • Layoff Tracker
      • HIMSS 2023
    • Opinion
      • Breaking Bias
      • Commentaries
      • Letters
      • From the Editor
    • Events & Awards
      • Awards
        • Nominate/Eligibility
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • Best Places to Work in Healthcare
        • Excellence in Governance
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top 25 Emerging Leaders
        • Top Innovators
        • Diversity in Healthcare
          • - Luminaries
          • - Top 25 Diversity Leaders
          • - Leaders to Watch
        • Women in Healthcare
          • - Luminaries
          • - Top 25 Women Leaders
          • - Women to Watch
      • Conferences
        • Digital Health Transformation Summit
        • ESG: The Implementation Imperative Summit
        • Leadership Symposium
        • Social Determinants of Health Symposium
        • Women Leaders in Healthcare Conference
      • Galas
        • Best Places to Work Awards Gala
        • Health Care Hall of Fame Gala
        • Top 25 Diversity Leaders Gala
        • Top 25 Women Leaders Gala
      • Virtual Briefings
        • - Hospital of the Future
        • - Value Based Care
        • - Hospital at Home
        • - Workplace of the Future
        • - AI and Digital Health
        • - Future of Staffing
        • - Hospital of the Future (Fall)
      • Webinars
    • Multimedia
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Sponsored Video Series - One on One
      • Sponsored Video Series - Checking In with Dan Peres
    • Data & Insights
      • Data & Insights Home
      • Hospital Financials
      • Staffing & Compensation
      • Quality & Safety
      • Mergers & Acquisitions
      • Data Archive
      • Resource Guide: By the Numbers
      • Surveys
      • Data Points
    • Newsletters
    • MORE+
      • Contact Us
      • Advertise
      • Media Kit
      • Jobs
      • People on the Move
      • Reprints & Licensing