Note: nor'-east Radiology issued a pressure waiver yesterday about a data certificate incident that their healthcare management services provider, alinement HealthCare Services, notified them about. DataBreaches.net noted that Alliance notified northeast Radiology on January 11, 2010 — the day after TechCrunch reported updated research on the problem with exposed PACS leaking protected health information. Although nor'-east Radiology describes this incident as unauthorized individuals gaining access to the files, it seems likely that the PACS server was connected to the internet without any parole required and people found it and accessed it. DataBreaches.net sent an email inquiry to Northeast Radiology asking about this, but we have received no reply as yet. If we do, we may update this post. The following is their press release: Northeast Radiology today announced that it is addressing a data security incident, caused by unauthorized individuals, which may have involved the personal information of some patients. northeastward Radiology and its healthcare management services provider, Alliance HealthCare Services, hold completed an investigation with a lead forensic security firm and are evaluating systems and processes to assist prevent future occurrences. On January 11, 2020, alliance HealthCare Services notified northeastward Radiology that unauthorized individuals gained access to Northeast Radiology�s picture archiving and communication system (“PACS”), which is used to store radiology images and related information. Upon learning of the incident, alliance HealthCare Services launched an investigation to understand the incident, critique all related security controls, and evaluate systems and processes to further strengthen protections for the PACS. There is no evidence that any personal info was misused by the unauthorized individuals, and Northeast Radiology is not aware of any instances of hoax or identity theft as a result of this incident. However, alinement HealthCare Services and nor'-east Radiology�s investigation determined that 29 patients� information was accessed in this incident. Northeast Radiology is notifying each of these patients and providing them with details regarding the incident and next steps. Other patients� information was also available on the system, but regarding them, nor'-east Radiology and Alliance HealthCare Services do not have evidence about whose particular info may make been accessed, if at all. Therefore, out of an abundance of caution, these other patients are also being notified. The information potentially involved for each individual varied, but could experience included name, gender, age, appointment of birth, exam description, date of service, image, image description, and medical register number which, in some instances, may experience corresponded to the patient�s Social Security Number. Where Northeast Radiology has notified patients, they make also arranged for identity protection and credit monitoring services for those individuals whose social Security Numbers were potentially impacted. Written notifications were sent beginning mar 11, 2020, to all potentially impacted individuals for whom northeastward Radiology had contact information. If individuals doh not receive written notification but believe their records may experience been impacted, they can bespeak info by calling the confidential enquiry line at 1-800-491-8837 between 9:00 a.m. and 6:30 p.m. Eastern time monday through Friday. Individuals should refer to the notice they received in the mail to learn how they can protect themselves against potential hoax and identity theft. as a precautionary measure, individuals should remain vigilant about reviewing their account statements and citation reports. If unauthorized activity on an account is suspected, individuals should promptly notify the related financial institution or companion and account the activity to the proper law enforcement authorities, including the individuals� local police and their country attorney general. The Federal trade Commission offers additional info on dupery alerts, surety freezes and ways to avoid identity theft. These canful be found by visiting�www.ftc.gov/idtheft, calling 1.877.438.4338 or sending a letter to: federal switch commission 600 Pennsylvania Avenue, nw Washington, DC 20580 northeastward Radiology apologizes for any inconvenience or fear that this incident mightiness cause. For many years, Northeast Radiology has been serving the medical imaging needs in New York, Connecticut and surrounding communities, and remains committed to providing patients the highest character of care while working to keep these types of incidents from occurring in the future.
