PHI of 8,400 Billings Clinic Patients Compromised Due to Hacked Email Account

8,400 patients’ protected health information (PHI) included in the email account of a personnel of Billings Clinic in Billings, MT was exposed. The cybersecurity systems of the clinic spotted a number of strange activities that led to the discovery of the information breach on May 14, 2018. Promptly, the clinic secured the email account however it could have been likely that an unauthorized individual already saw or duplicated the PHI of patients.

There was minimal data in the account. There was no financial details nor Social Security numbers stored in the email account and for that reason these information remained secure. The data in the account was obtained from patient appointments specifically the patients that scheduled appointments for healthcare services starting year 2008 to 2011.

The compromised data in the account were names, contact information, birth dates, explanation of healthcare services, medical record numbers, diagnoses and internal financial control numbers. In accordance with the investigation, just this email account was compromised during the breach. A lot of data breaches just like this case is caused by employees who respond to phishing attacks. Nonetheless this specific case did not originate from a phishing attack. The employee went overseas just lately to accomplish a medical mission. Though away, the unauthorized individual got the employee’s email information. It’s likely that he intercepted the login account when the employee hooked up to unprotected public Wi-Fi or phony Wi-Fi hotspot.

Medical organizations must ensure that employees understand the risks whenever they hook up to public Wi-Fi networks. This is specially crucial if employees are permitted to take sensitive data with them in portable gadgets or gain access to PHI wirelessly. Workers really ought to only be connected to the internet utilizing a VPN or virtual private network. The VPN software need to be updated and a web-filtering solution is recommended whenever accessing the account beyond the company’s firewall.

About James Keogh 144 Articles
James Keogh has been writing about the healthcare sector in the United States for several years. With several years of covering healthcare topics, he has developed expertise in HIPAA-related issues, including compliance, patient privacy, and data breaches. His work is known for its thorough research and accuracy, making complex legal and medical information accessible . James's articles are valuable resources for healthcare professionals and have been featured in reputable publications. You can follow James on Twitter https://x.com/JamesKeoghHIPAA and contact James on LinkedIn https://www.linkedin.com/in/james-keogh-89023681.