Assured, which provides digital imaging services in eight states, reported the incident to HHS Aug. 27 as affecting 244,813 patients. In an Aug. 26 statement posted to its website, Assured said it discovered on May 19 that ransomware had encrypted its EHR, and its systems were accessed by an unknown attacker from May 15-17. Some data was exfiltrated from its systems during that period, Assured stated.
Patient information affected by the security incident includes names, addresses, dates of birth, patient identification numbers and medical histories.
After discovering the ransomware attack, Assured notified HHS and other government regulators and is reviewing its privacy policies to implement more safeguards.
More articles on cybersecurity:
OCR updates HIPAA resources for cloud computing, mobile health apps: 3 details
Roper St. Francis employee email hack exposes 6,000 patient medical records
Blackbaud ransomware attack affects 108,483 individuals at Northwestern Memorial, Spectrum Health
