Breach, Compliance Management, Data Security, Network Security, Privacy

Records exposed of 650K patients at Bon Secours

Patient records were compromised at Bon Secours, a Maryland-based, nonprofit, Roman Catholic health care provider.

How many victims? 650,000

What type of information? Personal information of patients – including names, insurance identification numbers, banking information, Social Security numbers and some clinical data.

What happened? The data was exposed on the internet for four days after R-C Healthcare Management, a firm that helps hospitals with Medicaid reimbursements, adjusted network settings which resulted in the exposure online of personally identifiable information on Bon Secours patients in three states.

What was the response? The exposure was detected by Bon Secours on June 14. They notified R-C Healthcare, which claimed to take steps "to secure the information so that it could no longer be accessed via the internet,” according to a prepared statement. The health system also launched an internal investigation and started notifying affected patients by mail on August 12. The health system also extended to affected individuals a year's membership to identity protection services.

Quote: "The investigator confirmed the incident has been fully remediated. All R-C customers who might be affected have been notified of the situation and its resolution." – K. Michael Webdale, CEO, R-C Healthcare Management

Source: HealthcareITNews / lohud

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.