Nonprofit health system notifies more than 2,000 patients of breach
Partners HealthCare System, Inc., notified more than 2,000 patients on February 5 that their protected health information (PHI) may have been affected by a breach in 2017.
The Boston-based nonprofit health system discovered that its computer network was infected with malware early in May 2017, according to Partners’ notification. The initial forensic investigation indicated that the malware did not access Partners’ electronic medical record system. However, as the investigation progressed, it was discovered that some personal data and PHI had been accessed by infected computers. The PHI of more than 2,600 individuals was involved in the breach, Boston Business Journal reported. Affected PHI included:
- Names
- Dates of service
- Clinical information such as diagnosis or medication
- Social Security numbers
- Financial data
Partners set up a toll-free number that patients can call for more information or to find out if their PHI was affected by the breach. The organization is not offering credit monitoring services, but does list steps affected individuals can take to protect their PHI and identity data, such as requesting a security freeze, giving updated information to healthcare providers, and contacting the Federal Trade Commission.