Pediatrics West, P.C.
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Breach at Pediatrics West, P.C. in Massachusetts
Pediatrics West and Allergy West experienced a data security incident that disrupted some of their information technology systems. The incident was first identified after unusual activity was detected on their systems, prompting immediate action to secure the systems and an investigation with the help of a third-party forensic investigator. The investigation revealed that an unauthorized party accessed some of their systems between August 19, 2021, and August 15, 2022, potentially accessing locally stored files. These files may have contained patient information, including names, contact information, demographic details, dates of birth, diagnosis and treatment information, prescription details, medical record numbers, provider names, dates of service, and health insurance information. However, Social Security numbers and the electronic medical records system were not involved in the incident[1].
Pediatrics West and Allergy West are taking the situation seriously and have expressed regret for any concern caused by the incident. They have begun mailing notification letters to potentially impacted patients and recommend that these patients review statements from their healthcare providers for accuracy. To prevent future incidents, additional safeguards and technical security measures have been implemented to further protect and monitor their IT infrastructure. A dedicated call center has been established to answer questions about the incident, available at 855-504-4520 from 9 a.m. to 6:30 p.m. Monday to Friday, excluding some major holidays[1].
Additionally, Pediatrics West, P.C. has offered a complimentary two-year membership to Experian IdentityWorksSM to help protect the identity of those affected. This service helps detect possible misuse of personal information and provides identity protection services focused on identification and resolution of identity theft. The affected individuals have also been advised on steps they can take to avoid identity theft, including placing fraud alerts and security freezes on their credit reports[3].
For further assistance and information on the breach, affected individuals can contact the dedicated call center or refer to the notification letters sent by Pediatrics West and Allergy West[1][3].
Citations:
- https://www.lowellsun.com/2022/12/11/pediatrics-west-allergy-west-address-data-security-incident/
- https://www.texaschildrens.org
- https://www.mass.gov/doc/assigned-data-breach-number-29096-pediatrics-west-pc/download
- https://www.cbsnews.com/pittsburgh/news/flu-season-pediatric-death-west-virginia/
- https://www.mass.gov/lists/data-breach-notification-letters-february-2023
- https://health.usnews.com/doctors/pediatricians/massachusetts/boston
- https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
- https://trellis.law/case/25017/0581cv03713/gara-matthews-md-v-west-suburban-pediatrics-p-c-et-al
- https://pediatricswest.com
- https://www.hipaajournal.com/hipaa-violation-cases/
- https://reviews.birdeye.com/pediatrics-west-pc-155769503310627