Premier Health Partners in Dayton, Ohio, is notifying individuals that a data breach may have exposed their personal health information, although to date there’s no evidence that the information was misused.
The company became aware of suspicious activity on July 12, 2023, at which point it launched an investigation to determine its nature and scope. Files on certain Premier Health systems were compromised by an unauthorized third party between June 7 and July 12, 2023.
While the affected information varies for each patient, it can include name, date of birth, Social Security number, driver's license number or state issued identification number, passport number, individual taxpayer identification number, digital signature, login credentials, financial account information, medical information and health insurance information.
Premier could not immediately be reached for comment.
WHAT’S THE IMPACT
Premier is sending letters to those impacted. In the letters, the organization is offering complimentary credit monitoring services and information on available resources.
The company is also encouraging people who might have been impacted to be on the lookout for any signs of identity theft or fraud. It’s encouraging patients to review account statements, and to monitor their credit reports and explanation of benefits forms for suspicious activity.
Premier said it’s providing impacted individuals with contact information for the three major credit reporting agencies, as well as providing advice on how to obtain free credit reports and how to place fraud alerts and security freezes on their credit files.
Potentially affected patients can also find information regarding identity theft, fraud alerts, security freezes and the steps they may take to protect their information by contacting the credit bureaus, the Federal Trade Commission or their state attorney general, Premier said.
THE LARGER TREND
A number of data breach incidents have affected healthcare organizations this year, perhaps none more than Yale New Haven Health, which in April reported that a March data breach affected more than 5 million people.
The Connecticut-based nonprofit health system first noticed unusual activity affecting its IT systems in early March. Using assistance from external cybersecurity experts, the system's investigation determined that an unauthorized third party gained access to its network and obtained copies of certain data.
A 2024 KnowBe4 report showed that a surge in cyberattacks contributed to a steep rise in cyberattack costs for healthcare organizations, with the average breach cost nearing $11 million – more than three times the global average – making healthcare the costliest sector for cyberattacks.
Ransomware attacks have dominated, accounting for over 70% of successful cyberattacks on healthcare organizations in the past two years.
Email: jlagasse@himss.org
Healthcare Finance News is a HIMSS Media publication.