More than 18,000 patients of Tacoma, Wash.-based MultiCare Health System may have been affected by a data breach that targeted third-party post-acute care company Avamere Health Services.
An Aug. 10 news release from MultiCare said that in early 2022, a hacker potentially removed files containing protected health information from Avamere's network, possibly including full names, diagnoses and provider names. The files may have included data on 18,614 beneficiaries of MultiCare's Bundled Payment for Care Improvement Advanced program.
Avamere contracts with MultiCare joint venture Physicians of Southwest Washington, whose ACO subsidiary NW Momentum Health Partners was another possible victim of the breach. The company is notifying affected individuals by mail.