PHI of 24,000 Georgia Eye Associates Patients Exposed Due to EyeSouth Partners Email Account Breach

A hacker accessed the email account of an employee of EyeSouth Partners and potentially viewed or acquired the electronic protected health information (ePHI) of up to 24,000 patients. EyeSouth Partners, which is a business associate of South Georgia Eye Partners, Georgia Eye Associates, Georgia Ophthalmology Associates and Cobb Eye Center, became aware of the data breach on October 25, 2018.

EyeSouth Partners took immediate action to secure the employee’s email account and reviewed the security of its network. To avoid future email account breaches, enhanced security procedures to protect information have been implemented.

According to the breach investigation, the unauthorized person first accessed the email account on September 11, 2018 and access remained possible until October 25. Third-party computer forensics specialists assisted in the investigation of the breach and helped to identify which patients had had their ePHI compromised. The investigators informed EyeSouth Partners on December 19, 2018 that the hacker had potentially accessed email messages containing the ePHI of Georgia Eye Associates patients.

The exposed information varied for each patient. Information in the email messages and email attachments included patients’ names, addresses, email addresses, contact numbers, internal patient ID numbers, type of insurance carrier, insurance provider names, payment histories, summaries of charges, account balances and summaries of services and procedures. The Social Security numbers of a few patients were also exposed.

EyeSouth Partners has notified all affected patients and has offered free credit monitoring services.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: