Wyoming Hospital Boosts Security, Issues Notifications After Breach
Cheyenne Regional Medical Center in Wyoming has added security measures and is informing people whose personal information was exposed due to a data breach earlier this year, hospital officials said.
The breach was discovered in April but is being publicly disclosed now to inform the community out of “an abundance of caution,” said Jacqueline Van Cleave, the hospital’s director of compliance and privacy.
Van Cleave told The Wyoming Tribune Eagle that a hacker accessed a “limited number” of employee email accounts that contained as many as 16,000 patients’ personal information, including dates of birth and Social Security numbers. The number of patients whose information was exposed is being checked, she said.
It appears that the hacker appeared to be interested in payroll information, and there is no evidence that the exposed patient information has been misused, she said.
The hospital’s review concluded in November, and officials plan to send notification letters to people whose information was in the compromised emails. The hospital is offering them free credit monitoring.
CRMC policies and procedures say that patient information must be securely stored in the hospital’s electronic health records system. But some information can be exchanged via email among staff for administrative purposes.
Since the breach, CRMC has implemented further security measures surrounding internal network applications and is continually reviewing its security process, officials said.
- Georgia Brokers and Agents Alarmed After Court Ruling Expands Liability for Them
- Acrisure Goes After Former Owners of Businesses it Acquired for Leaving to Compete
- Shipper Escapes $41.9M Award for Man Paralyzed When Lights Fell From Pallet on Him
- USI Insurance Services Claims Ex-Broker Poached Clients for Own New Agency