Community healthcare provider First Choice has notified its customers of a data security incident that may have exposed the personal and protected health information of individuals treated at the firm.
First Choice first learned of the security incident on March 27 following a discrepancy in its technological environment. The firm then engaged an independent cybersecurity team to investigate the scope of the attack.
During the subsequent investigation, it was determined that certain protected health information may have been accessed without authorization. By June 3, a comprehensive review of potentially impacted data was concluded.
The affected personal and protected health information, as confirmed by First Choice, may have included names, Social Security numbers, First Choice patient ID numbers, diagnosis and clinical treatment information, medications, dates of service, health insurance information, medical record number, patient account number, date of birth, and provider information.
On August 1, the company notified affected individuals of this incident through the United States Postal Service and offered resources to help protect patients’ information.
“The privacy and protection of personal and protected health information is our top priority, and First Choice deeply regrets any inconvenience or concern this incident may cause,” the company said.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.