Arizona Pain Clinic Notifies 900K Patients, Providers and Employees about Information Security Incident | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Arizona Pain Clinic Notifies 900K Patients, Providers and Employees about Information Security Incident

August 17, 2016
by Heather Landi
| Reprints
Click To View Gallery

Phoenix-based Valley Anesthesiology and Pain Consultants is notifying 882,592 patients and all current and former employees and providers about an information security incident due to a third party possibly gaining unauthorized access to its computer systems.

The pain clinic, which is comprised of 300 anesthesiology and interventional pain management providers, posted a notice on its website regarding an incident involving patient information. According to that notice, on June 13, 2016, Valley Anesthesiology and Pain Consultants (VAPC) learned that a third party may have gained unauthorized access to the VAPC computer systems on March 30, 2016. “Upon learning of the situation, VAPC immediately began an investigation, including hiring a leading forensic firm, and notifying law enforcement,” the notice stated.

“The forensics firm found no evidence that the information on the computer system was accessed, but was unable to definitely rule that out,” the notice stated.

According to a press release that VAPC released August 12 about the same security incident, the computer systems may contain patient information, such as patient names, their providers' names, dates of service, places of treatment, names of health insurers, insurance identification numbers, diagnosis and treatment codes, and in some instances, social security numbers.

For providers, the computer systems included credentialing information, such as names, dates of birth, social security numbers, professional license numbers, Drug Enforcement Agency (DEA) numbers, National Provider Identifiers (NPIs), as well as bank account information and potentially other financial information. For employees, the computer systems included names, dates of birth, addresses, social security numbers, bank account information and financial information, such as tax information.

The pain clinic also said that there is no evidence that any patient information was accessed or used inappropriately.

VAPC also stated in the press release that the organization is taking steps to enhance the security of its computer systems in order to prevent this type of incident from occurring again in the future. These steps include reviewing its security processes, strengthening its network firewalls, and continuing to incorporate best practices in IT security.

The pain clinic also is offering free credit monitoring and identity protection services to those individuals whose social security numbers or Medicare numbers were included in the incident.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Healthcare Execs Anticipate High Cost Returns from Predictive Analytics Use

Healthcare executives are dedicating budget to predictive analytics, and are forecasting significant cost savings in return, according to new research from the Illinois-based Society of Actuaries.

Adam Boehler Tapped by Azar to Serve as Senior Value-Based Care Advisor

Adam Boehler, currently director of CMMI, has also been named the senior advisor for value-based transformation and innovation, HHS Secretary Alex Azar announced.

Vivli Launches Clinical Research Data-Sharing Platform

On July 19 a new global data-sharing and analytics platform called Vivli was unveiled. The nonprofit group’s mission is to promote, coordinate and facilitate scientific sharing and reuse of clinical research data.

Survey: More Effective IT Needed to Improve Patient Safety

In a Health Catalyst survey, physicians, nurses and healthcare executives said ineffective information technology, and the lack of real-time warnings for possible harm events, are key obstacles to achieving their organizations' patient safety goals.

Physicians Still Reluctant to Embrace Virtual Tech, Survey Finds

While consumers and physicians agree that virtual healthcare holds great promise for transforming care delivery, physicians still remain reluctant to embrace the technologies, according to a new Deloitte Center for Health Solutions survey.

Geisinger, AstraZeneca Partner on Asthma App Suite

Geisinger has partnered with pharmaceutical company AstraZeneca to create a suite of products that integrate into the electronic health record and engage asthma patients and their providers in co-managing the disease.