On July 29, 2022, Healthback Holdings, LLC confirmed that the corporate skilled an information breach after an unauthorized get together gained entry to delicate affected person information by means of compromised worker e mail accounts. In line with Healthback, the breach resulted within the names, medical health insurance data, Social Safety numbers, and medical data of 21,114 sufferers being leaked. Just lately, Healthback despatched out information breach letters to all affected events, informing them of the incident and what they will do to guard themselves from identification theft and different frauds.
In the event you acquired an information breach notification, it’s important you perceive what’s in danger and what you are able to do about it. To study extra about find out how to shield your self from changing into a sufferer of fraud or identification theft and what your authorized choices are within the wake of the Healthback Holdings information breach, please see our latest piece on the subject right here.
Further Particulars Concerning the Healthback Holdings Information Breach
In line with an official discover filed by the corporate, on June 1, 2022, Healthback realized that an unauthorized get together had gained entry to an worker’s e mail account. In response, Healthback retained the providers of a cybersecurity agency to research the incident. This investigation revealed that a number of worker e mail accounts had been compromised and that the unauthorized get together was in a position to entry the accounts between October 15, 2021 and Might 15, 2022.
Upon discovering that delicate client information was accessible to an unauthorized get together, Healthback Holdings then reviewed the affected e mail accounts, together with all emails and attachments, to find out what data was compromised and which customers had been impacted. Whereas the breached data varies relying on the person, it could embody your title, medical health insurance data, Social Safety quantity, and medical data.
On July 29, 2022, Healthback Holdings despatched out information breach letters to 21,114 people whose data was compromised on account of the latest information safety incident.
Healthback Holdings, LLC is a house healthcare firm based mostly in Chickasha, Oklahoma. The corporate arranges to have workers go to sufferers’ properties to offer wanted providers, together with expert nursing, bodily remedy, superior wound care, occupational remedy, and speech remedy. Healthback Holdings operates over 30 places in Oklahoma and Missouri. Healthback Holdings employs greater than 300 folks and generates roughly $20 million in annual income.
Did the Healthback Breach Lead to Affected person’s Protected Well being Data Being Compromised?
The Healthback Holdings information breach affected a number of several types of affected person information, together with Social Safety numbers, insurance coverage data and medical data. Whereas Healthback didn’t use the time period “protected well being data” to check with the leaked information, based mostly on the corporate’s statements, it seems that the compromised information consisted of protected well being data.
Protected well being data is any information that pertains to a affected person’s previous or present well being situation or how a affected person paid for his or her healthcare. For instance, the outcomes of a CT scan, insurance coverage claims data, or blood check outcomes might each be thought-about protected well being data. Nevertheless, leaked healthcare-related information is simply protected if it incorporates not less than one identifier, which might allow somebody to match the info up with a selected affected person. For instance, just a few frequent identifiers are sufferers’ names, e mail addresses, bodily addresses, pictures or Social Safety numbers.
As a result of the Healthback breach resulted in “medical health insurance data,” “medical data,” in addition to sufferers’ names and Social Safety numbers, it seems that any leaked healthcare information is taken into account “protected.”
However what does it imply that information is protected? From a affected person’s perspective, the truth that information is classed as protected well being data implies that, ought to anybody receive this information, they’ve ample data to hold out healthcare identification fraud.
Healthcare identification theft is much like different forms of identification theft; nonetheless, resolving a case of healthcare identification theft is commonly far more troublesome and comes at a larger value to sufferers. Not solely that, however in contrast to monetary identification theft, healthcare information breaches can put sufferers’ bodily well being in danger.
For instance, after a breach leads to protected well being data being leaked, a hacker can promote a affected person’s information to a 3rd get together who purchases the info to acquire medical care within the sufferer’s title. In doing so, the “faux affected person” might present medical doctors with their very own medical data, which may get blended up with the sufferer’s personal medical data. As an illustration, a faux affected person might give a treating doctor an inventory of their very own drugs, allergy symptoms, or earlier medical procedures. This may end up in a affected person’s medical report containing inaccurate data once they go to the physician for remedy.
Those that have their protected well being data leaked in an information breach ought to you’ll want to take all mandatory precautions, together with reviewing their medical data. Sufferers who’ve questions on find out how to maintain an organization accountable for the theft of their data ought to attain out to a knowledge breach lawyer for help.