Here’s what you should know:
1. The phishing attack affected one employee’s email inbox between May 27 and Aug. 13, according to a notice on the center’s website.
2. The affected email account contained some protected health information, including patients’ names, Social Security numbers, driver’s license numbers and/or medical information. Some patients’ credit card numbers were also stored in the account.
3. SWRSC discovered the breach Sept. 25 after launching an investigation and reviewing the employee’s emails, and the Oregon Attorney General’s Office was notified.
4. The incident doesn’t affect all SWRSC patients. The center doesn’t have evidence any of the information was misused.
5. To minimize the risk of a similar incident, SWRSC has updated passwords and enhanced email access protocols. It is offering a free credit monitoring and identity theft restoration services to patients whose Social Security numbers and/or driver’s licenses were compromised.
A representative of SWRSC could not be reached for comment at the time of publication.
More articles on improving performance:
5 must-read articles for the ASC industry this week: Nov. 2 – 8
4 things surgeons should know when selecting an ASC for procedures
4 things for investors to know before securing ASC ownership
