In May 2024, Providence Mission Heritage Endocrinology in Mission Viejo, CA, uncovered an insider breach involving unauthorized access to patient clinical records. The breach was discovered to have been ongoing for over three years, beginning on December 15, 2020, and continuing until May 15, 2024. The details of the unauthorized access have not been fully disclosed, but the incident is under active investigation by the California Department of Insurance.
The investigation revealed that the breach involved the access of patient names, State IDs, driver’s license numbers, and health insurance coverage information. Fortunately, Social Security numbers were not accessed in the breach. In response, Providence is offering 12 months of complimentary credit monitoring and identity protection services to the affected individuals as a precautionary measure.
Cambria Haydon, the Chief Privacy Officer at Providence, has advised all impacted patients to take advantage of the offered services to protect their identities. The breach has been reported to the U.S. Department of Health and Human Services’ Office for Civil Rights, indicating that approximately 2,000 individuals were affected by the incident.
Providence Mission Heritage Endocrinology is now working to address the security lapse that allowed the breach to persist for such a long duration. The ongoing investigation aims to prevent similar incidents in the future and ensure the privacy and security of patient information moving forward.
Reference:
