November 2016 Cyber Security Summary

December 1, 2016


November 2016 Cyber Security Summary

As we near the end of the fall season, data shows a continued decline in healthcare records compromised compared to the crazy amount of healthcare records compromised this summer. Data breaches in November 2016 included a facility with a stolen hard drive, hackers from overseas, and packets mailed with labels that showed personal health information. Here is a breakdown of all healthcare related hacks:


Since the beginning of the year:
So far there has been a total of 932 total data breaches in the United States. 337 of those were healthcare breaches. Overall 42% of the 34 million records compromised this year were in the healthcare field.


Notable Data Breaches in November:

Stolen Hard Drive
There were 3,000 patients notified by a spine center in Texas earlier this month about a data breach due to a stolen hard drive. The external hard drive contained patients’ information such as social security numbers, addresses, birthdays and diagnosis. So far, there is no evidence of inappropriate use of information. However, victims are still encouraged to look at their finances to make sure that there are no stolen identities.


A vascular health center in Georgia recently notified their patients of a data breach that occurred due to an outside source gaining access to one of their servers. The hackers which are suspected to be from outside the U.S. were able to access the server with a compromised password.  They had access to the server from March until September before the facility officials realized. Luckily, the server did not contain any social security numbers or financial info. However, it did have medical records and demographic information.


Mailing Labels
A healthcare provider mailed all of their patients informational packets containing details on with their Medicare Prescription Drug coverage. While preparing these packets for mailing something went wrong, and patients’ HIC Numbers (a Medicare ID number which consists of a person’s social security number and a letter) were printing on each mailing label. While this was a mistake and not an intentional breach of information, it compromised many healthcare records.