BreachExchange mailing list archives
Patients of UMass Center Warned of Security Breach
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 5 Jun 2013 10:27:37 -0500
http://www.wggb.com/2013/06/04/patients-of-umass-center-warned-of-security-breach/ AMHERST, Mass. (WGGB) — UMass officials are notifying patients of the school’s Center for Language, Speech, and Hearing that their personal health data may have been compromised after malware infected a workstation. The center, which offers clinical services for people with communication disorders, differences, or delays, is sending out letters to about 1,600 patients whose records were affected, in accordance with federal regulations. According to a statement from UMass, the workstation became “inadvertently infected” with a malware program on April 5, 2013 and that the risk of theft of the personal information was “low.” An investigation conducted by the university’s Office of Information Technology found no evidence indicating that any of the data was copied from that infected workstation. Some of the data in question includes names, addresses, birthdays, Social Security numbers, health insurance company and policy numbers, diagnoses, and primary or referring doctors names. Dan Gerber, associated Dean of UMass’ School of Public Health and Health Sciences, is advising patients in the letter to be aware of “any unusual activity with respect to your health insurance information to limit the likelihood of misuse of PHI [protected health information].” The university says that steps have been taken to improve security at all the workstations at the center, as well as provided additional training to staff on security practices. _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Patients of UMass Center Warned of Security Breach Erica Absetz (Jun 05)