A radiology practice in New Hampshire reported that a computer server with patient data and billing information has been accessed by "an unauthorized third party."
Seacoast Radiology of Rochester, NH, said it discovered the breach on November 12, 2010. Access to the server was disabled "immediately" and an independent investigation concluded that unauthorized use of patient and billing data was unlikely.
The practice reported that while personal information such as names, addresses, and Social Security numbers were on the server, other information such as patient radiology reports, images, and banking information was not, and therefore was not breached.
Seacoast Radiology said that it has engaged several computer security experts and implemented procedural changes to keep patient data secure from unauthorized access. The practice said that it was disclosing the breach in accordance with the Health Information Technology for Economic and Clinical Health (HITECH) Act.
Related Reading
HHS proposes HIPAA changes, July 9, 2010
Is your office copier a hole in your HIPAA security plan? June 2, 2010
HHS releases breach notification rules, August 20, 2009
HHS provides health information protection guidance, April 21, 2009
Copyright © 2011 AuntMinnie.com
