Frank Eye Center, P.A.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

The breach at Frank Eye Center, P.A., in Kansas was part of a larger cybersecurity incident affecting multiple eye care providers across the United States. This incident was linked to a hack of the electronic health records (EHR) vendor Eye Care Leaders (ECL), specifically targeting its cloud-based system, myCare Integrity. Frank Eye Center, P.A., reported to the Office for Civil Rights (OCR) on April 29, 2022, that 26,333 individuals had been affected by this breach[1][5][7][9][11][13].

The breach was part of a cyberattack discovered in December 2021, when ECL notified Frank Eye Center that the myCare Integrity EMR was not accessible due to “unspecified technical issues.” It was later revealed that an unknown attacker had accessed the Integrity back-end on December 4, 2021, and deleted some information. ECL managed to restore its data from backups and assured Frank Eye Center that additional security measures had been implemented to prevent future incidents. These measures included updating access controls and permissions, data storage security procedures, network protections, server patching, data backup processes, and enhancing technical resources and monitoring[5].

Frank Eye Center took steps to transition to a new electronic medical records service provider to ensure the security of new patient records. Despite the breach, there was no evidence at the time that the incident resulted in any harm to the individuals whose information was compromised. Frank Eye Center notified all potentially affected patients, offering them free credit monitoring services and advice on protecting themselves against identity theft and fraudulent activity[5].

This incident was part of a broader trend of cyberattacks targeting healthcare providers, with eye care providers being particularly affected. Over the past couple of years, cybersecurity hacks have impacted over six million individuals, with more than 1.5 million patients affected by the hack of an EHR vendor serving eye care professionals[1]. The breach at Frank Eye Center, P.A., underscores the vulnerability of healthcare providers to cyberattacks and the importance of robust cybersecurity measures to protect sensitive patient information.

Citations:

  1. https://thehipaaetool.com/eye-care-ehr-system-hacked/
  2. https://www.prideofdetroit.com/2024/2/8/24067032/detroit-lions-frank-ragnow-shuts-down-retirement-talk
  3. https://www.ksnt.com/news/local-news/480000-kansans-affected-by-medical-data-breaches/
  4. https://www.bizjournals.com/philadelphia/news/2023/06/12/former-prosecutor-leaves-montgomery-mccracken.html
  5. https://www.doj.nh.gov/consumer/security-breaches/documents/frank-eye-20220429.pdf
  6. https://www.fbi.gov/news/RSS
  7. https://www.thelyonfirm.com/blog/frank-eye-center-data-breach/
  8. https://www.nbcnews.com/politics/congress/sen-john-fetterman-checked-hospital-clinical-depression-rcna71087
  9. https://www.ksn.com/news/state-regional/biggest-health-care-data-breaches-you-should-know-about-in-kansas/
  10. https://www.cbsnews.com/detroit/news/lions-c-frank-ragnow-has-season-ending-toe-injury/
  11. https://www.netsec.news/eye-care-ehr-vendor-hack-impacts-multiple-ophthalmology-practices/
  12. https://www.news-journal.com/obituaries/dr-frank-stuart-murphy/article_e2206bd4-8cf9-5101-acee-7c2b31effa49.html
  13. https://stacker.com/kansas/biggest-health-care-data-breaches-you-should-know-about-kansas
  14. https://compliancy-group.com/eye-care-leaders-breach/
Breach Submission Date Apr 29, 2022
Converted Entity Name Frank Eye Center, P.A.
Converted Entity Type Healthcare Provider
State KS
Individuals Affected 26,333
Breach Type Hacking/IT Incident

Breach Information Location Electronic Medical Record

Business Associate Present Yes