Quest Diagnostics — a major medical testing provider — disclosed a breach that may have exposed nearly 12 million patients' medical and billing information, according to SecureWorld News.
1. Quest Diagnostics, which is widely used by physicians, the breach targeted a third-party vendor's system, which contained Quest patients' information.
2. American Medical Collection Agency notified Quest Diagnostics May 14 about unauthorized activity on its payment page. Quest Diagnostics contracts with Optum360 for revenue cycle services, and Optum360 contracts with AMCA to collect on bad accounts.
3. An unauthorized user had access to AMCA's system between Aug. 1, 2018, and March 30, 2019. The system contained information on 11.9 million Quest Diagnostics patients.
4. Information on the type of tests being billed for may have been exposed, but the results of those tests weren't affected.
5. SecureWorld News said the incident underscores the importance of evaluating the security controls of your third-party vendor, as well as that vendor's third-party vendor.
More articles on coding, billing and collections:
5 strategies to improve ASC billing and collections
Following up on accounts receivable — 5 best practices for ASCs
9 revenue cycle benchmarks for ASCs