Malware, Billing Company Theft Equal Health Data Breaches

What is malware? 

It is an umbrella term used to refer to a variety of types of hostile or intrusive software, including computer viruses, worms, trojan horses and other malicious programs. Malware can take the form of executable code, scripts, active content, and other software. 

Medical identity theft occurs when somebody steals your personal information such as date of birth, Social Security Number, health insurance ID. Anything from malware to sophisticated cyber attacks to theft laptops can lead to PHI being compromised. Workers need to be properly trained in healthcare data security measures, and facilities have to make necessary business associate agreements. It will assist put covered entities on the way to work toward prevention and to recover an incident. 

• Malware points out 981 patients’ information at threat 

Cleveland’s MetroHealth System has announced it has suffered a PHI breach after malware was discovered on three of its computers. 981 medical reports of patients who received cardiac catheterizations were potentially compromised in the risk. 

Cleveland’s MetroHealth System, a county-operated non-profit healthcare provider based in Cleveland, Ohio, discovered on July 14, 2014, to March 21, 2015, that malware had infected three Cardiac Cath Lab computers. The malicious software was removed the following day on March, 21.

Cleveland’s MetroHealth initiated an immediate investigation into the malware infection and potential records breach to determine how the software had been installed, the extent to which records had been compromised, the patients who had been affected and whether any records had actually been viewed or copied. While the malware was firstly thought to have been successfully removed, the forensic research revealed the highly sophisticated nature of the software. Some days into the research, it was open that in addition to the malware, a back door had been created allowing the maker of the software full access to the affected machines. That back door remained to unlock until March 21, after three days the malware was removed.  

• Medical billing company theft leads to potential health data breach 

A Medical Management Limited Liability Company worker, who no longer works for the company, copied certain items of personal info from the billing system over the past three years and then illegally disclosed that info to a third party, according to a UPMC report. Potentially compromised information consists of names, dates of birth and Social Security numbers. However, UPMC said there is no proof that information about medical histories or cures was disclosed.

University of Pittsburgh Medical Center has been informed by law enforcement authorities based on their ongoing research that more employee information was stolen than they originally knew, Gloria Kreps, a University of Pittsburgh Medical Center spokeswoman, composed in an email to the Pittsburgh Post-Gazette. This latest information has indicated that worker names, Social Security numbers, details, salaries, bank account numbers and bank routing numbers may have been accessed.

Get more information on medical billing and coding or interested in outsourcing medical billing practices, Precision7 is the perfect choice.