156,000 Notified of Hacking Incident

Tampa Clinic's Practice Management System Breached
156,000 Notified of Hacking Incident
In the second major healthcare hacking attempt reported to federal authorities in recent weeks, a Tampa practice has notified 156,000 individuals that a hacker accessed a server containing its practice management system, which stores patient information.

Ankle + Foot Center of Tampa Bay said in a statement on its website that on Nov. 10, 2010, "outside third-party attempts had been made against the practice management system" that stores patient information, including names, Social Security numbers, dates of birth, addresses, account numbers, healthcare services information and related diagnostic codes.

The practice reported that it "has no evidence that any of the patients' lives have been adversely affected nor do we have any evidence to date that their data has been compromised." It portrayed the notice as "strictly a preventive measure" to alert patients to monitor their credit records for any unauthorized changes.

Hacking Investigation

The practice said it was "working closely with the FBI to ensure that our patients' data still is, and always will remain, confidential."

In light of the hacking incident, the practice "immediately disconnected the connectivity source of the breach and replaced it with a more secure technological environment."

The incident was recently posted on the Department of Health and Human Services' Office for Civil Rights list of major healthcare information breaches, as required under the HITECH Act breach notification rule.

Also recently posted to the breach list was a Nov. 12, 2010, incident at a New Hampshire radiology practice, which notified more than 230,000 patients that they may have been affected by a healthcare information breach incident involving hackers using a server to gain bandwidth to play a video game.


About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Howard J. Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 34 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network