Earlier this week, hospital group Community Health Systems announced a security breach that may affect millions of patients nationwide.
According to Community Health Systems and security firm Mandiant, which has been handling the incident, the attack on Community Health Systems’ databases originated in China and targeted patients who visited or were referred to any of the group’s 206 hospitals between April and June. Names, addresses, and more sensitive information such as birth dates and Social Security numbers for more than 4.5 million patients are believed to have been stolen.
This latest cyberattack, like the others preceding it in the last several months, leaves patients vulnerable to attempts at identity theft and other cybercrimes requiring personally identifying information. In response, Community Health Systems confirmed that the malware used has been removed from their database. They have notified patients of the breach and will offer identity monitoring services to those believed to be affected (as retailer Target did in late 2013).
Unfortunately, the information taken in this breach is protected by HIPAA laws and could open up the hospital group to lawsuits from state attorneys general as well as from individual patients in states where the law allows it.
While protecting critical patient information from damaging security breaches may be difficult, it is also essential to keep patients and healthcare providers safe. If you need working capital to invest in your information security, contact PRN Funding to learn how healthcare factoring can provide you with the necessary cash flow.