Dive Brief:
- In December of 2014, hackers targeted employee usernames and passwords in an attempt to gain access to personal health information (PHI) of patients at Seton Healthcare Family, a not-for-profit health system in Texas.
- Following an investigation, Seton determined that PHI of around 39,000 patients had been compromised via an e-mail account, which has since been shut down.
- Information gained by the hackers includes names, addresses, birth dates, medical record numbers, insurance information, clinical information and Social Security numbers.
Dive Insight:
According to a report from e-mail security company Agari, the healthcare industry is falling behind in preserving the privacy and security of e-mail communications. Recent Agari survey statistics show that healthcare providers have the lowest "TrustScore" when it comes to keeping online communication secure. According to the survey report, an e-mail from a healthcare provider is "four times more likely to be fraudulent than one that is purportedly from a social-media company like Facebook."
Seton is taking steps to mitigate the damage by notifying those who were affected by mail and through local media outlets. It is also offering identity monitoring and protection services to those whose Social Security numbers were compromised.
Want to read more? You may enjoy this story on four ways providers can avoid data breaches.