Special LIVE Event: Marketing Your Telehealth Services: Successful, Legal & Ethical Online Strategies See Details

Telehealth.org_white_TM-pjv6xsrnwgp9iomadwb59h909wk53rjdzvgh9xqs6c

Healthcare Data Breach Targets Mental Health Provider

by | Dec 21, 2020 | 0 comments

Healthcare Data Breach Targets Mental Health Provider
Healthcare Data Breach

AspenPointe Inc., a mental health and substance abuse provider, was targeted by a healthcare data breach. The healthcare security breach, which allowed unauthorized access to their network, compromised the protected health information of 295,617 patients.

AspenPointe Healthcare Data Breach

AspenPointe discovered in late September that they had been hacked, allowing an unauthorized party to access their network. The healthcare data breach forced AspenPointe to close their operations for several days while they attempted to regain control of their systems.

In November, an investigation into the security breach concluded, determining that the unauthorized party had access to AspenPointe’s network from September 12 to September 22. Through the attack, the unauthorized party was able to exfiltrate both patient’s protected health information (PHI) and employee’s data. The PHI compromised by the incident varied by the patient, however, all of the patients affected by the incident had their full names exposed. Other exposed PHI included dates of birth, Social Security numbers, Medicaid ID numbers, dates of the last visit, admission dates, discharge dates, and/or diagnosis codes. Employee’s full names were also disclosed, as well as their dates of birth, Social Security numbers, driver’s license numbers, and/or bank account information.

Compensation by AspenPointe

In response to the incident, AspenPointe is offering affected individuals one year of complimentary credit monitoring services, $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery. They have also increased their security practices by forcing password changes, implementing additional endpoint protection, increasing monitoring, and implementing firewall changes.

AspenPoint made a statement addressing the healthcare data breach, “Please accept our apologies that this incident occurred. We are committed to maintaining the privacy of personal information in our possession and have taken precautions to safeguard it. We continually evaluate and modify our practices and internal controls to enhance the security and privacy of your personal information.” Find out more about Healthcare Breaches Rise amid COVID-19.

What Are Your Thoughts?

Please leave your comments below.

Cybersecurity course

How do you protect your practice from a ransomware attack?

Ransomware hackers attack smaller healthcare practices daily, creating serious data breaches and HIPAA violations.

Are you and your clients/patients vulnerable, too?

This course describes why healthcare information is so valuable to hackers and what to do when a cybersecurity breach occurs. Learn the industry best practices for limiting your risk of a ransomware attack.

Disclaimer: The Telebehavioral Health Institute (TBHI Telehealth.org) offers information as educational material designed to inform you of issues, products, or services potentially of interest. We cannot and do not accept liability for your decisions regarding any information offered. Please conduct your due diligence before taking action. Also, the views and opinions expressed are not intended to malign any organization, company, or individual. Product names, logos, brands, and other trademarks or images are the property of their respective trademark holders. There is no affiliation, sponsorship, or partnership suggested by using these brands unless contained in an ad. We do not and cannot offer legal, ethical, billing technical, medical, or therapeutic advice. Use of this site constitutes your agreement to TBHI Terms and Conditions and Privacy Policy.

0 Comments

Submit a Comment

Your email address will not be published.

Blog Categories