The University of Massachusetts (UMass) Amherst has announced a data breach at its Center for Language, Speech, and Hearing. The university says protected health information was possibly revealed after a workstation was inadvertently infected with a malware program.
According to the university, a total of 1,670 patient records were breached. The information included Social Security numbers, addresses, names, dates of birth, health insurance company names or names of other payee, insurance numbers, primary health care or referring physicians, and diagnoses and procedure codes.
The associate Dean of the School of Public Health and Health Sciences, Dan Gerber, sent a letter to the affected saying, “any unusual activity with respect to your health insurance information to limit the likelihood of misuse of PHI [protected health information].”
UMass says in response to the breach, it has installed automated software to detect malicious activity and identified files in departmental computers containing personal information. It will also train current and new staff in security practices.