Home >  News >  May, 2017

Cyberattack Targets Patient Information at Pa. Endoscopy Center

The incident reinforces the importance of protecting sensitive electronic records from online criminals.

Published: May 3, 2017

PROGRAMMED PROTECTION Cyberattacks are increasing rapidly, in both volume and complexity.

How secure is the personal information of the patients you treat? A recent data breach at a Pennsylvania endoscopy center suggests all healthcare facilities must bolster their defenses against the anonymous criminals who lurk in cyberspace.

Staff at Harrisburg (Pa.) Endoscopy and Surgery Center noticed suspicious activity on the facility's operating system and determined on March 17 that an unauthorized hacker could have accessed patients' personal data, which included names, demographic information, Social Security numbers and health insurance information.

A statement posted on the facility's website says there's no evidence that electronic records were in fact compromised and that patients were notified of the potential breach in an "abundance of caution." In late April, the center began mailing letters to patients who might have been impacted and set up a dedicated call line to address their concerns.

Bill Rhodes, the center's COO, says an IT forensic company completed a full scan that showed zero evidence of any patient information being exported from the system. "As a precaution, we notified our patients of the suspicious activity and provided them the opportunity to have a credit check for one year, free of charge," he adds. "Our IT company has made changes to the current cybersecurity on our servers and this will be monitored at a more stringent pace than in the past, so as to stop any chance of a breach in the future."

It's been known for more than 2 years and from many sources that healthcare medical records are a top target for cybercrime, according to Ellen M. Derrico, MBA, an independent marketing executive of healthcare technology and security based in West Chester, Pa. She says, "Health care is the top target because patient records are complete, which provides criminals with credit card information, birth dates, Social Security numbers, insurance policy information and medical histories."

Ms. Derrico says health care is behind the curve on investing in technology, training and recovery plans that are needed to protect against cybercrime. "Healthcare providers are also often more interested in budgeting for new equipment or personnel, so cybersecurity is underfunded" she adds. "This all adds up to a cybercriminal's dream scenario."

Most cyber breaches are not identified for weeks, months or, in some cases, more than a year, according to Ms. Derrico. She suggests healthcare facilities implement a comprehensive cybersecurity program that includes: adding technology to protect operating systems, networks, personal devices and patient data; installing up-to-date anti-viral and anti-malware software; and ensuring staff members receive training about protecting electronic records.

Daniel Cook


Also in the News...

Study: C. Diff Transmission "Might Be More Likely to Occur" in Surgical Centers
Chicago Hospital Sues Leapfrog for Defamation Over Low Patient Safety Grade
Recall: Midazolam Syringes in Blister Packs Contain Syringes of Ondansetron
Study: Overlapping Surgeries Are Safe for Patients
Coughing Fit During Cataract Surgery Costs Patient Her Vision in 1 Eye; Docs Shell Out $1.35M
Mölnlycke Sues Smith & Nephew Over 'False and Deceptive' Claims About Its Wound Dressings
Lawsuit Over Left-Behind Ligating Clip Can Proceed

New to Outpatient Surgery Magazine?
Sign-up to continue reading this article.
Register Now
Have an account? Please log in:
Email Address:
  Remember my login on this computer

advertiser banner

Other Articles That May Interest You

Welcome to Surgery's Inflection Point

Today's technological advancements are transforming surgical care.

iOS App Coming Soon for Cataract Surgeons

Bausch + Lomb, IBM putting data at docs' fingertips.

Have You Checked Out EMRs Lately?

Today's systems are more useful — and more user-friendly — than ever.