Home >  News >  May, 2017

Cyberattack Targets Patient Information at Pa. Endoscopy Center

The incident reinforces the importance of protecting sensitive electronic records from online criminals.

Published: May 3, 2017

PROGRAMMED PROTECTION Cyberattacks are increasing rapidly, in both volume and complexity.

How secure is the personal information of the patients you treat? A recent data breach at a Pennsylvania endoscopy center suggests all healthcare facilities must bolster their defenses against the anonymous criminals who lurk in cyberspace.

Staff at Harrisburg (Pa.) Endoscopy and Surgery Center noticed suspicious activity on the facility's operating system and determined on March 17 that an unauthorized hacker could have accessed patients' personal data, which included names, demographic information, Social Security numbers and health insurance information.

A statement posted on the facility's website says there's no evidence that electronic records were in fact compromised and that patients were notified of the potential breach in an "abundance of caution." In late April, the center began mailing letters to patients who might have been impacted and set up a dedicated call line to address their concerns.

Bill Rhodes, the center's COO, says an IT forensic company completed a full scan that showed zero evidence of any patient information being exported from the system. "As a precaution, we notified our patients of the suspicious activity and provided them the opportunity to have a credit check for one year, free of charge," he adds. "Our IT company has made changes to the current cybersecurity on our servers and this will be monitored at a more stringent pace than in the past, so as to stop any chance of a breach in the future."

It's been known for more than 2 years and from many sources that healthcare medical records are a top target for cybercrime, according to Ellen M. Derrico, MBA, an independent marketing executive of healthcare technology and security based in West Chester, Pa. She says, "Health care is the top target because patient records are complete, which provides criminals with credit card information, birth dates, Social Security numbers, insurance policy information and medical histories."

Ms. Derrico says health care is behind the curve on investing in technology, training and recovery plans that are needed to protect against cybercrime. "Healthcare providers are also often more interested in budgeting for new equipment or personnel, so cybersecurity is underfunded" she adds. "This all adds up to a cybercriminal's dream scenario."

Most cyber breaches are not identified for weeks, months or, in some cases, more than a year, according to Ms. Derrico. She suggests healthcare facilities implement a comprehensive cybersecurity program that includes: adding technology to protect operating systems, networks, personal devices and patient data; installing up-to-date anti-viral and anti-malware software; and ensuring staff members receive training about protecting electronic records.

Daniel Cook

Also in the News...

Brainlab Recalls Spine & Trauma 3D Navigation 1.0 Software Due to Display Inaccuracies
FDA Orders Withdrawal Of Transvaginal Surgical Mesh From Market
Lawsuit: When PACU Lights Dimmed, Doc Asked Wife to Hold Penlight on Her Husband's Leaking JP Drain
R.I. Smoke Evacuation Legislation Becomes Law
Former Chief Nursing Officer Alleges Firing Retaliation for Reporting Safety Concerns
IV Drip Containing Formaldehyde Instead of Saline Kills Russian Woman, 28
Central Sterile Tech Shoots and Kills Nursing Supervisor at Alabama Hospital

New to Outpatient Surgery Magazine?
Sign-up to continue reading this article.
Register Now
Have an account? Please log in:
Email Address:
  Remember my login on this computer

advertiser banner

Other Articles That May Interest You

Business Advisor

Sending Pre-op Text Alerts and Reminders

The Perks of Paperless Preference Cards

Digital platforms take the stress out of knowing you'll have the supplies you need when and where you'll need them.

11 Patient Communication Apps

From chatbot-powered pre-op text messaging to AI-driven recovery plans, technology is transforming the patient experience.