Riverplace Consulting Center, Anoka, Minn., is notifying 11,639 patients and the HHS Office for Civil Rights after finding malware in its information systems.
“Although at this time there is no evidence of any attempted or actual misuse of anyone’s information as a result of this incident, we have taken steps to notify all potentially impacted individuals and to provide resources to assist them,” the addiction treatment center said in a letter to patients earlier this month.
Riverplace Consulting discovered the breach on January 20; it hired a data security firm to help remove malware and restore information systems from backups. Forensic experts also were brought in to determine how the intrusion occurred and whether the intruder accessed information. That investigation concluded in February.
Also See: A1Care upgrades defenses against malware with Neushield offering
But while the investigation did not concluded that data had been accessed, experts could not rule out the possibility that patient names, dates of birth, personal information, insurance information, treatment information and Social Security numbers may have been…