UCare Minnesota, an independent nonprofit health plan, reported a data security incident that affected patient information.
1. The health system first identified unusual network activity in April and then found an unauthorized person accessed some company email accounts on May 4.
2. After identifying the incident, UCare changed email account passwords and enhanced security for email accounts.
3. On Sept. 1, the company realized one or more of the email accounts that were breached may have included some protected health information, including member names, birth dates, healthcare provider names, diagnosis information and health insurance member ID numbers.
4. The breach affected 4,806 individuals’ information, according to HHS.
5. The company has no evidence the information was misused.
More articles on cybersecurity:
At nearly $7M, Premera Blue Cross agrees to pay 2nd largest HIPAA fine in OCR history
Geisinger warns of phone spoofing scams, launches digital info hub
12 health system malware, ransomware and phishing incidents this month
© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.