Ohio hospital’s EHR hit by ransomware attack, exposes 7,000+ patients’ info

Zanesville, Ohio-based Muskingum Valley Health Centers has notified more than 7,000 patients that their personal information may have been exposed in a ransomware attack on its EHR system.

In the July 31 data breach notice, the hospital said that in June it discovered a ransomware attack on the EHR system of Cambridge-based OB GYN Specialists of Southeastern Ohio, which MVHC acquired in 2018

A cybersecurity firm determined that three OB GYN Specialists’ systems, including its EHR server that contained patient records from 2012-17, were hit by ransomware on May 31. Patient names, dates of birth, Social Security numbers, diagnoses, conditions, lab results and insurance claim details were exposed.

MVHC reported the incident on July 31 to HHS’ OCR data breach portal as affecting 7,447 individuals.

The hospital has updated its security policies, procedures and password requirements in response to the incident and is also offering 24 months of credit monitoring and identification theft protection services to individuals affected.

More articles on cybersecurity:
Patients with medical record privacy concerns 3 times more likely to withhold info from physicians: study 
Computer stolen from Dallas COVID-19 testing site
2,553 patients affected in email hack at Children’s Hospital Colorado


© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.