TriValley Primary Care based in Perkasie, PA has started sending notifications to 57,596 patients regarding the potential compromise of some of their personal data and protected health information (PHI).
Suspicious activity was noticed in its IT system on October 11, 2021. The healthcare provider took steps promptly to secure its systems and stop further unauthorized access. Third-party forensic specialists helped in investigating the incident to ascertain the nature and impact of the cyberattack.
The investigation into the breach ended on November 4 and although no evidence of actual or attempted patient data misuse, unauthorized access and potential theft of PHI couldn’t be disregarded. Therefore, affected patients were instructed to be cautious for activities involving identity theft and fraud. The impacted individuals had been provided with complimentary credit monitoring services.
A review of the files located on the affected systems showed that the following types of patient information might have been compromised: First and last name, gender, home address, email address, phone number, date of birth, Social Security number, health insurance policy/group plan number, provider of the group plan, claim details, medical history, diagnosis, treatment data, dates of service, lab test records, prescription information, medical account number, provider name, and other data documented in the medical records.
TriValley Primary Care said it is assisted by cybersecurity professionals to enhance its cybersecurity policies, procedures, and practices to minimize the risk of more data breaches and the employees will have additional cybersecurity training.