Tennessee-based Cleveland Medical Associates is offering approximately 22,000 patients identity protection services after a ransomware attack against the practice.
The five-clinician practice is offering a year of protective services through Equifax to both current and former patients whose information may have been affected.
Cleveland Medical Associates declined to provide more details about the incident and also did not provide any additional statements about the attack.
The breach was discovered the morning of April 17. In response, the practice implemented a new medical records system and engaged forensic specialists to determine the extent to which information was affected. The practice believes the motive for the attack was extortion and that access to patient health information was not an end result of the attack.
“Based upon our investigation, there is no evidence that your protected health information was taken from our system or misused as result of the incident,” the practice told patients in a notification letter. “Because we were unable to determine with reasonable certainty whether or not there was an unauthorized access of your information, however, we are providing you with notification of this incident.”
Protected health information that could have been compromised includes patient names, addresses, demographics, telephone numbers, email addresses, clinical information, insurance billings and Social Security numbers.
The Equifax protection package offers credit monitoring, as much as $25,000 in identity theft insurance and automatic fraud alerts of changes to a credit report.
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access