Dakota Eye Institute (DEI), located in Bismarck, North Dakota, has disclosed a data breach to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR), affecting potentially 107,143 patients.
The breach notification on DEI’s website revealed that the healthcare provider had experienced a cybersecurity incident and subsequently engaged third-party cybersecurity experts to investigate, contain, and remediate the breach. However, the notification did not provide specific details about the nature of the breach, the duration it persisted, or the types of information compromised.
Furthermore, the OCR breach report indicated that no business associates were involved in the incident. To mitigate the impact of the breach, DEI is notifying affected individuals via mail and offering them complimentary credit monitoring services to safeguard against potential identity theft or fraudulent activity. DEI is taking steps to bolster its data security policies and procedures, aiming to reduce the likelihood of similar security incidents in the future.
Although the breach details remain undisclosed, this incident underscores the ongoing threats and cybersecurity challenges faced by healthcare organizations. Data breaches in the healthcare sector can result in the exposure of sensitive patient information and raise significant privacy and security concerns.