The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Central Indiana Orthopedics & Duncan Regional Hospital Report 80K-Record Data Breaches

Posted By on Mar 17, 2022

Cyberattacks have been reported by Duncan Regional Hospital in Oklahoma and Central Indiana Orthopedics that have affected a total of 170,084 individuals.

Duncan Regional Hospital

Duncan Regional Hospital has recently announced it was the victim of a cyberattack in January. The incident was detected on January 20, 2022, when suspicious activity was identified in some of its IT systems. All systems were immediately taken offline to prevent further unauthorized access and a third-party computer forensics firm was engaged to determine the nature and scope of the breach.

Duncan Regional Hospital said the hackers did not gain access to its electronic medical record system but did access parts of the network where files containing patient data were stored. Those files contained patient names, addresses, phone numbers, dates of birth, Social Security numbers, appointment information such as dates of service and healthcare provider names, and limited treatment information.

Steps have been taken to improve security and prevent further attacks, including an organization-wide password reset and implementing new endpoint threat detection and response monitoring software and more robust firewall restrictions. Affected individuals have been notified and offered complimentary credit monitoring and identity protection services.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

The incident has been reported to the HHS’ Office for Civil Rights as affecting 86,379 patients.

Central Indiana Orthopedics

Earlier this month, Central Indiana Orthopedics announced it was the victim of a cyberattack that was detected on October 16, 2021. Steps were immediately taken to secure its network and a third-party computer forensics firm was engaged to investigate the breach.

The investigation revealed files containing patient information had been accessed by unauthorized individuals, although no reports have been received that suggest any patient information has been misused. The types of information in the files varied from patient to patient and may have included names, addresses, Social Security numbers, and limited medical information.

Central Indiana Orthopedics said several steps have been taken in response to the breach to improve security, prevent further cyberattacks., and mitigate the risk of future harm. All individuals affected by the breach have been notified and offered complimentary credit monitoring, dark web monitoring, and identity theft protection services.

The incident has been reported to the HHS’ Office for Civil Rights as affecting 83,705 individuals.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist