Wisconsin Urology Group Notifies Patients of Data Breach Due to Ransomware Attack | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Wisconsin Urology Group Notifies Patients of Data Breach Due to Ransomware Attack

March 23, 2017
by Heather Landi
| Reprints

Wauwatosa, Wis.-based Metropolitan Urology Group has notified its patients of a breach of unsecured patient health information due to a ransomware attack back in November 2016.

According to a statement on the medical group’s website, on January 10th, 2017, Metropolitan Urology Group (MUG) was made aware that a ransomware attack that occurred November 28, 2016 exposed certain patient health information to the hackers who infected two MUG servers with the ransomware virus.

According to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) breach portal, the breach affected the protected health information (PHI) of 17,634 individuals, and the breach notification was submitted to OCR on March 10th. The incident was categorized as hacking/IT incident on a network server.

“MUG has been working with a premier, international information technology firm to remove the ransomware virus and is taking steps to ensure that such attacks never occur again. MUG has blocked all traffic from accessing the affected servers,” the medical group stated. Further, the medical group wrote in the statement, “MUG has installed the best firewall protection and secure email system. It is protecting all devices used by MUG employees, and updating its policies and procedures to reflect these technological changes. MUG is also conducting a risk analysis of its information technology system to detect any other vulnerabilities that may exist so it can quickly correct them. Both MUG and its information technology vendor, Digicorp, will be undergoing training on information security.”

The information exposed relates to services provided to patients by MUG between 2003 and 2010 and includes patient first and last name, procedure codes, dates of service, patient account number or patient control number and provider identification number. Less than five patients also had the social security numbers exposed.

The medical group is offering all affected patients free credit monitoring for a year. It has also established a call center to answer questions from patients.

 

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

ONC Roundup: Senior Leadership Changes Spark Questions

The Office of the National Coordinator for Health IT (ONC) has continued to experience changes within its upper leadership, leading some folks to again ponder what the health IT agency’s role will be moving forward.

Media Report: Walmart Hires Former Humana Executive to Run Health Unit

Reigniting speculation that Walmart and insurer Humana are exploring ways to forge a closer partnership, Walmart Inc. has hired a Humana veteran to run its health care business, according to a report from Bloomberg.

Value-Based Care Shift Has Halted, Study Finds

A new study of 451 physicians and health plan executives suggests that progress toward value-based care has stalled. In fact, it may have even taken a step backward over the past year, the research revealed.

Study: EHRs Tied with Lower Hospital Mortality, But Only After Systems Have Matured

Over the past decade, there has been significant national investment in electronic health record (EHR) systems at U.S. hospitals, which was expected to result in improved quality and efficiency of care. However, evidence linking EHR adoption to better care is mixed, according to medical researchers.

Nursing Notes Can Help Predict ICU Survival, Study Finds

Researchers at the University of Waterloo in Ontario have found that sentiments in healthcare providers’ nursing notes can be good indicators of whether intensive care unit (ICU) patients will survive.

Health Catalyst Completes Acquisition of HIE Technology Company Medicity

Salt Lake City-based Health Catalyst, a data analytics company, has completed its acquisition of Medicity, a developer of health information exchange (HIE) technology, and the deal adds data exchange capabilities to Health Catalyst’s data, analytics and decision support solutions.