Fayetteville, Arkansas-based Ozark Orthopaedics, P.A., has notified patients of a data breach potentially affecting 15,240 patients.
Late in 2019, Ozark Orthopaedics noticed “unusual activity” in its email system. After securing its email system, Ozark Orthopaedics investigated the matter and discovered that it stemmed from four employee email accounts. The investigation revealed that “messages and attachments contained within the affected email accounts included some personal and medical information belonging to Ozark patients.”
Exposed information may have included patient names and treatment information, diagnosis information, prescription information, medication information, health insurance information, Medicare/Medicaid identification numbers, social security numbers, and/or financial account information. However, Ozark Orthopaedics “has no evidence that any of the information involved in this incident has been misused.”
Started in 1948 by the late Dr. Coy Kaylor, Ozark Orthopaedics has been providing orthopedic care in Northwest Arkansas for over 70 years. Operating out of four locations, Ozark Orthopaedics treats injuries and problems associated with various parts of the body as well as sports medicine concerns.
The number of data breach incidents continues to rise. In January 2020, healthcare data breaches of 500 or more records were reported to the Department of Health and Human Services’ Office (HHS) for Civil Rights at a rate of more than one a day. Since 2018, there have been 12 data breach incidents reported in Arkansas. Ozark Orthopaedics is one of three Arkansas breaches reported to HHS this year.
Vulnerable patients have begun suing hospitals and clinics over attacks on their personal information. For OTW’s previous coverage of recent cybersecurity data breach lawsuits, see “Victims Can Sue Ortho Clinics if Data Hacked,” “Banner Health Agrees to Pay $6 Million for Data Breach,” and “Four Patients Sue DCH Health System After Ransomware Attack.”
For ways to protect your patients and practice against ransomware attacks, see OTW’s previous article, “Tips to Avoid and Mitigate Ransomware Attacks.”
