Data Breach at Patient Home Monitoring Exposes 150,000 Patient Records

Data Breach at Patient Home Monitoring Exposes 150,000 Patient Records

October 11, 2017         Written By John H. Oldshue

The medical records of nearly 150,000 patients was exposed when a security research team accessed the data storage account of Patient Home Monitoring (PHM), which coordinates in-home medical testing.

Kromtech Security Center, a data security firm, found this sensitive patient information stored on an unsecured Amazon S3 bucket, which many companies use to store data. Information contained on the server included patient information, such as names, phone numbers, addresses and weekly blood test and other test results. Doctor information contained on the server included doctor names, client data and case management notes. In total, the file contained 47.5GB worth of data, which included an estimated 316,000 PDF files.

“This Amazon repository was misconfigured to be [publicly] available and anyone with an internet connection could access these confidential medical records,” Alex Kernishniuk, vice president of strategic alliances at Kromtech, said in a statement. “Even the most basic security measures would have prevented this data breach.”

The company notified PHM and healthcare authorities of the exposed information on October 5, and the problem has been fixed. PHM has not confirmed whether it received the report from Kromtech, though.

The Health Insurance Portability and Accountability Act (HIPAA) requires medical providers to create policies that will safeguard health information. In the case of a breach, HIPAA’s Breach Notification Rule requires providers to notify patients “without unreasonable delay” and “no later than 60 days following the discovery of the breach.” HIPAA also requires medical providers to notify major news outlets in any state where more than 500 affected patients live.

It is unclear what steps PHM has taken to notify patients of the exposed information.



The information contained within this article was accurate as of October 11, 2017. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


john-oldshue

About John H. Oldshue

John Oldshue is the creator of LowCards.com. He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for LowCards.com.
View all posts by John H. Oldshue
Featured Low Interest Card
Top Features : 1.25X miles on every purchase; no annual fee; bonus of 20,000 miles once $1,000 is spent in first 3 months
Featured Cash Back Card
Top Features : 1.5% cash back on all purchases; $150 bonus after spending $500 in first 3 months
Featured No Annual Fee Card
Top Features : Earn cash back TWICE. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Bad Credit Card
Top Features : Perfect credit not required; Reports to major credit bureaus
Featured Fair Credit Card
Top Features : No annual fee; access to higher credit line after making first 5 monthly payments on time
Featured Limited/No Credit
Top Features : No annual fee; reports to major credit bureaus; access to higher credit line after making first 5 monthly payments on time