PHI of 85,000 Patients of Center for Orthopedic Specialists Impacted by Ransomware Attack

ONC Published a New Patient Guidebook to Encourage Patient Health Record Access

Patients consulting with the Center for Orthopaedic Specialists received warning that some of their protected health information (PHI) was potentially viewed by unauthorized people when ransomware got installed on its network system. The ransomware attack impacted three of the establishments of the Center for Orthopaedic Specialists situated in Simi Valley, West Hills and Westlake Village in California. Databreaches.net noted that the PHI of 85,000 patients were potentially affected.

The IT merchant of the Center for Orthopaedic Specialists made them aware that an unauthorized person began its attempt to access its network on February 18, 2018. He succeeded and installed ransomware, which encrypted many files containing the PHI of patients. Data that was encrypted by the ransomware included the patientsโ€™ names, some patientsโ€™ information, dates of birth and Social Security numbers.

The IT merchant had taken immediate action to restrict the potential damage the ransomware could cause. They took the attacked system offline swiftly to prevent any extraction of information. As per the data breach investigation, there is no proof uncovered that would indicate the persons liable for the attack viewed or duplicated the patientsโ€™ PHI. However the investigators could not exclude data theft with 100% assurance. Out of abundant precaution, the Center informed all the patients whose information was encrypted by the ransomware to allow them to be more careful and keep an eye out for indications of identity theft and fraudulence.

Despite the fact that the probability of data theft is low, the Center for Orthopaedic Specialists is providing no cost identity theft protection and credit monitoring services for 2 years via ID Experts to all affected patients. In addition, the patients get $1,000,000 worth of insurance protection.

About Liam Johnson

Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: https://www.linkedin.com/in/liamhipaa/