Analecta Cyber Company Blog: 4,300 Patient Records Breached at Mass. General Partner

2016-07-26

4,300 Patient Records Breached at Mass. General Partner

The protected health information (PHI) of about 4,300 patients was compromised at the Massachusetts General Hospital in a recent security beach of a third-party vendor.

The hospital expressed their apology in a letter published to its website dated June 29. It reiterated their commitment to the security and confidentiality of their patient information.



Mass General learned of the unauthorized access to the electronic files from Patterson Dental Supply Inc. systems in February 2016.

The incident was immediately reported to the law enforcement officials who then instructed the practice to temporarily withhold official notification until the investigation was completed. The practice began notifying affected individuals in May.

The investigation reports that the breached PHI was limited to information about some of the dental patients of Mass General. The PHI breach includes patient names, social security numbers and dates of birth. In some instances it also includes the individual's medical record ID and the healthcare provider's name.

Massachusetts General Hospital stated that the breach did not involve the unauthorized access of patient data of any Hospital information system.