Healthcare claims services provider Med Associates is notifying its patients that the facility suffered a data breach in March potentially exposing PII, including medical diagnosis and payment card information.
The incident was discovered on March 22 when some unusual activity was noticed on an employee's workstation, the Latham, N.Y.-based Med Associates said in a release. The organization's IT department and an outside forensics firm began an investigation and determined an unauthorized person accessed the computer possibly gaining access to patient information.
The Albany Times-Union is reporting about 270,000 people may be impacted by the breach.
“While our investigation is ongoing, we have determined that that information that may have been accessible from the workstation would have included patient names, date of birth, address, dates of service, diagnosis codes, procedure codes and insurance information, including insurance ID Number. There was no banking or credit card information contained on or accessible from the workstation,” Med Associates said.
At this time Med Associates is unaware of any of the information being abused.
