Lubbock Coronary heart & Surgical Hospital Experiences Information Breach Affecting 23,379 Sufferers – JD Supra

On September 9, 2022, Lubbock Coronary heart & Surgical Hospital filed official discover of an information breach with the U.S. Division of Well being and Human Companies Workplace for Civil Rights following an information safety incident that disrupted the hospital’s laptop community. In keeping with Lubbock Coronary heart Hospital, the breach resulted within the following affected person knowledge being compromised: names, contact info, demographic info, dates of delivery, Social Safety numbers, analysis and therapy info, prescription info, Medical Report Numbers, supplier names, dates of service, and medical insurance info. Lately, Lubbock Coronary heart Hospital despatched out knowledge breach letters to 23,379 sufferers, informing them of the incident and what they’ll do to guard themselves from id theft and different frauds.

What We Know In regards to the Lubbock Coronary heart & Surgical Hospital Information Breach

Info on the Lubbock Coronary heart Hospital breach comes from the hospital’s official submitting with the U.S. Division of Well being and Human Companies Workplace for Civil Rights, in addition to a discover posted on the hospital’s web site. In keeping with these sources, on July 12, 2022, hospital administration realized of an information safety incident that had impacted the performance of its IT community. In response, the hospital secured its methods, notified legislation enforcement, after which started working with exterior cybersecurity specialists to analyze the incident.

The hospital’s investigation confirmed that an unauthorized social gathering had gained entry to its IT system on July 11, 2022, and that the unauthorized entry was terminated on July 12, 2022. Nonetheless, the investigation additionally revealed that delicate affected person knowledge could have been accessed and copied from the hospital’s community.

Upon discovering that delicate affected person knowledge was accessible to an unauthorized social gathering, Lubbock Coronary heart & Surgical Hospital then reviewed the affected information to find out what info was compromised and which shoppers had been impacted. Whereas the breached info varies relying on the person, it could embrace your title, contact info, demographic info, date of delivery, Social Safety quantity, analysis and therapy info, prescription info, medical file quantity, supplier names, dates of service, and medical insurance info.

On September 9, 2022, Lubbock Coronary heart & Surgical Hospital despatched out knowledge breach letters to all people whose info was compromised because of the current knowledge safety incident. In keeping with the U.S. Division of Well being and Human Companies Workplace for Civil Rights, the Lubbock Coronary heart & Surgical Hospital knowledge breach leaked the data of 23,379 sufferers.

Extra Info About Lubbock Coronary heart & Surgical Hospital

Based in 2003, Lubbock Coronary heart & Surgical Hospital is a physician-owned hospital system based mostly in Lubbock, Texas. Lubbock Coronary heart & Surgical Hospital offers sufferers with a variety of providers, together with bodily remedy, cardiology, cardiothoracic surgical procedure, urology, gastroenterology, pulmonology, endocrinology, radiology, emergency providers, laboratory service, pharmacy, vital care drugs, normal surgical procedure, bariatric surgical procedure, cosmetic surgery, and vascular surgical procedure. Lubbock Coronary heart & Surgical Hospital employs greater than 352 individuals and generates roughly $37 million in annual income.

Healthcare Information Breaches Pose Extra Dangers Victims Ought to Be Conscious Of

The Lubbock Coronary heart & Surgical Hospital knowledge breach is simply the latest instance of a healthcare knowledge breach. In reality, healthcare suppliers have been one of the vital steadily focused organizations in 2022. As cybercriminals and different unhealthy actors proceed to focus their efforts on acquiring sufferers’ protected well being info, it is vital for knowledge breach victims to grasp each what’s in danger and what their choices are within the wake of a healthcare cyberattack.

The first cause why healthcare knowledge breaches are so harmful is that they usually compromise sufferers’ protected well being info. Protected well being info, known as PHI for brief, is demographic info, check and laboratory outcomes, psychological well being info, medical historical past info, insurance coverage info and different knowledge that healthcare professionals accumulate when treating a affected person. The gathering and use of protected well being info are managed by the Well being Insurance coverage Portability and Accountability Act of 1996 (“HIPAA”).

Nonetheless, not all healthcare-related knowledge is taken into account “protected well being info.” For well being info to be thought of “protected,” it has to comprise an identifier. HIPAA offers for 18 totally different identifiers, the most typical of that are:

• Names;

• Addresses (extra particular than a state);

• Social Safety numbers;

• Dates (extra particular than only a yr), resembling a affected person’s birthdate or admission date;

• E-mail addresses;

• Cellphone numbers;

• Medical file numbers;

• Well being plan beneficiary numbers;

• Account numbers;

• Automobile identifiers;

• Web protocol (IP) addresses;

• Biometric IDs, resembling fingerprints or voice prints;

• Full-face images and different photographs of figuring out traits; and

• Some other distinctive figuring out attribute.

Healthcare knowledge breaches are very regarding based mostly on the truth that this info is extremely private. Nonetheless, apart from the privateness dangers, there’s additionally a really actual hazard of bodily and monetary hurt. Hackers who receive protected well being info could promote the data to a different individual, who can then use the stolen affected person knowledge to acquire healthcare providers underneath the affected person’s title. This not solely leaves the sufferer chargeable for the invoice however may also result in deceptive and incorrect info being added to their medical data.

Those that consider their protected well being info was compromised in an information breach ought to attain out to an skilled knowledge breach lawyer to debate their choices.

If you happen to or a beloved one just lately obtained therapy at Lubbock Coronary heart Hospital, you could be amongst these whose info was compromised. Sadly, this additionally means the hackers chargeable for the assault could also be in possession of your private info, together with your Social Safety quantity. To study extra about what you are able to do to scale back the chance of id theft and what your authorized choices are within the wake of the Lubbock Coronary heart Hospital breach, you may overview our current put up on the subject here.