Wellstar Health System
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Wellstar Health System, based in Georgia, experienced a data breach that was announced on April 10, 2022. The breach involved unauthorized access to two Wellstar email accounts by an “unauthorized party.” The security incident was discovered on February 7, 2022, and it was determined that the email accounts were accessed between December 6, 2021, and January 3, 2022[1][5].
The compromised information included personal or protected health information such as names, medical record numbers, Wellstar account numbers, and lab information. However, Wellstar confirmed that social security numbers and financial information were not included in the accessed information[1][5]. There was no evidence to suggest that the data was misused or in the possession of unauthorized individuals, but Wellstar issued notices to anyone whose information may have been contained in the accessed accounts as a precaution[1].
In response to the incident, Wellstar disabled access to the impacted email accounts, required mandatory password resets, and implemented additional technical safeguards on its email system. They also provided additional training to employees to increase awareness of the risks of malicious emails[1].
Patients who were notified about the breach were advised to monitor their insurance statements for any transactions related to care or services that they did not receive[1]. For more information, Wellstar established a patient response line[1].
The breach was reported to the U.S. Department of Health and Human Services’ Office for Civil Rights as affecting 30,417 individuals[6].
Citations:
- https://www.11alive.com/article/news/local/wellstar-patient-data-breach/85-a94564b7-8b55-4b35-b8a9-11ceeb9371b6
- https://www.ajc.com/news/metro-atlanta-company-suffers-data-breach-affecting-54k-inmates/XYT7ZH3DGRDYVAKYV5G5CFBGJQ/
- https://law.justia.com/cases/georgia/court-of-appeals/2006/a06a0394-0.html
- https://casetext.com/case/wellstar-health-sys-inc-v-alfaro
- https://www.scmagazine.com/brief/data-breach-at-ga-health-system-confirmed
- https://www.hipaajournal.com/resources-for-human-development-wellstar-health-central-vermont-eye-care-announce-data-breaches/
- https://www.georgiatrend.com/2019/12/01/healthcare-hacks/
- https://caselaw.findlaw.com/ga-court-of-appeals/1209045.html
- https://www.fiercehealthcare.com/providers/georgia-lawmakers-naacp-ask-hhs-irs-investigate-wellstars-atlanta-hospital-closure
- https://casetext.com/case/wellstar-health-sys-v-green
- https://casetext.com/case/jimenez-v-wellstar-health-system
- https://caselaw.findlaw.com/court/ga-court-of-appeals/2135702.html
- https://www.wsbtv.com/news/local/atlanta/fulton-county-targeting-wellstar-with-potential-department-justice-investigation/CWXMSRCLPJA77OQWPFEFNY27W4/
- https://www.wellstar.org/corporate-purchasing/code-of-conduct
- https://www.news-daily.com/news/wellstar-unitedhealthcare-contract-squabble-going-down-to-wire/article_3922fcab-09e7-5833-af9a-18cf373b51d0.html
- https://violationtracker.goodjobsfirst.org/parent/wellstar-health-system
- https://www.hipaajournal.com/april-2022-healthcare-data-breach-report/
- https://caselaw.findlaw.com/ga-court-of-appeals/1335227.html
- https://decaturish.com/2023/03/fulton-county-filing-doj-complaint-over-wellstar-health-system-hospital-shutdowns/
- https://www.11alive.com/article/news/local/wellstar-federal-complaints-georgia/85-ace571d0-9e7b-4bf7-9aaa-9f1ad4e77d32